Hiring Platform Foh&Boh Exposes 5.4 Million Job Seekers’ Resumes in Unsecured AWS Bucket A major data exposure incident has left the personal details of millions of job seekers vulnerable after U.S.-based hiring and onboarding platform Foh&Boh accidentally left an AWS S3 bucket unsecured, containing 5.4 million files primarily CVs and resumes. The breach, discovered by the Cybernews research team, exposed sensitive applicant information, including work history, contact details, and personal identifiers, which could be exploited for identity theft, phishing attacks, and financial fraud. Foh&Boh serves high-profile clients in the restaurant, hotel, and retail industries, including Taco Bell, KFC, Omni Hotels & Resorts, Nordstrom, and Hyatt Grand. The exposed data could allow cybercriminals to craft highly targeted phishing emails, referencing specific job applications or career details to deceive victims into revealing financial information or installing malware. Researchers warned that attackers might also use the data to open fraudulent bank accounts, apply for credit, or launch synthetic identity scams, particularly targeting individuals in vulnerable financial situations. The unsecured bucket was closed after multiple attempts to contact Foh&Boh, but the extent of unauthorized access remains unclear. The incident underscores the risks of misconfigured cloud storage, with experts recommending stricter access controls, encryption, and log reviews to prevent similar exposures. This breach follows another recent incident involving Luxshare, a key Apple supplier, where a ransomware group allegedly stole confidential data from Apple, Nvidia, and LG. The Foh&Boh leak highlights the growing threat of resume-based cyberattacks, where attackers leverage personal data to bypass security measures and exploit job seekers.

Millions of Job Seekers’ Resumes Exposed in Foh&Boh Data Breach A major data exposure incident involving Foh&Boh, a U.S.-based hiring and onboarding platform for restaurants, hotels, and retailers, has left 5.4 million files primarily CVs and resumes publicly accessible via an unsecured AWS bucket. The breach, discovered by the Cybernews research team, exposed sensitive personal details that job applicants typically share with employers, including work history, contact information, and professional references. The platform serves high-profile clients such as Taco Bell, KFC, Omni Hotels & Resorts, Nordstrom, and Hyatt Grand, raising concerns about the potential misuse of the leaked data. While the dataset was secured after multiple attempts to contact Foh&Boh, the exposure could have enabled targeted phishing attacks, identity theft, and financial fraud. Researchers warned that cybercriminals could exploit the stolen information to craft highly personalized phishing emails, referencing specific job details or career interests to deceive victims. The data could also be weaponized for synthetic identity fraud, allowing attackers to open fraudulent bank accounts or apply for credit under victims’ names. Additionally, scammers might target financially vulnerable individuals with "get-rich-quick" schemes or impersonate past employers to extract further sensitive information. The incident underscores the risks of misconfigured cloud storage, with experts recommending stricter access controls, encryption, and retrospective log reviews to prevent unauthorized access. While the bucket is no longer publicly accessible, the long-term impact on affected job seekers remains unclear.