Info Edge’s recruitment business Naukri.com has sent out emails to users asking them to reset their passwords and create a new one, noting that it has been experiencing security attacks on its site. (A copy of the email below).
On being contacted by Medianama to check for any possible security breach at Naukri, Info Edge CEO Hitesh Oberoi mentioned that they are still investigating the issue and its possible that some user passwords may have been compromised due to security attacks but he cannot confirm it as yet.
Update: Naukri has informed that the passwords of some jobseekers might have been stolen. The employer side of the site was not affected and no payment data has been stolen since the site doesn’t store any payment details. The company also noted that it is still investigating the issue and have recently increased its security infrastructure, operational controls and vigilance.
Oberoi said that they have sent out these email to select users whose details may have been compromised during these attacks and also just to be “extra careful” in face of the massive vulnerability discovered in the web encryption software OpenSSL earlier this month, known as the Heartbleed bug. This bug has affected majority of the online service providers including Yahoo, Google, Dropbox and Instagram among others, however most of them seems to have now patched this bug by re-issuing the security certifications.
He noted that there has been several attempts to breach Naukri’s security earlier, which includes distributed denial of service (DDoS) attacks and various other security attacks.
Resume database unaffected: Oberoi mentioned that the resume database has however not been affected by these attacks. Remember that Naukri currently leads the online recruitment business in India and contributes for a majority of Info Edge’s topline. As per the company’s datasheet, it has around 36 million resumes uploaded from 27,000 unique users as of December 2013.
We are currently awaiting for more information from Naukri regarding this security attacks and will update once we hear back.
Email sent to select registered users
Dear User,
We have been experiencing security attacks on our website. In order to ensure safety of your account, we suggest that you create a new password.
Please click on the link below to create a new password.
https://login.naukri.com/nLogin/forgotpass.php
In case you have used the same password on some other website, we recommend you change that password as well.
Our security team is closely investigating and monitoring all activity. We apologize for the inconvenience caused and would like to assure you that we are taking extensive measures to ensure the security of all your data.
Regards,
Naukri Team