14 DAY TRIAL // An Ukrainian government job portal has leaked the personal data of an undisclosed number of citizens, with local officials claiming they already discovered and fixed what they describe as a “vulnerability.”
The https://career.gov.ua/ portal was used by Ukrainian authorities to advertise government jobs and required applicants to submit personal identifiable information, including full names, addresses, ID scans, passport scans, diploma, and other graduation documents.
A member of the Ukrainian Cyber Alliance non-profit discovered the data breach and reported it to the National Security and Defense Council. According to Ukrainian officials, the exposed information includes a copy of the password and several other documents.
The National Security and Defense Council, however, refused to reveal the cause of the data leak, so for now it’s not yet clear if the incident happened as part of a cyberattack or the result of a human error. The NSDC didn’t provide more specifics on how many individuals were affected either.
Cyber problems
This data breach isn’t Ukraine’s only cyber problem this month. The Kiev government has recently reached out to the FBI for an investigation of what authorities believe was a cyberattack aimed at energy company Burisma. Ukrainian authorities believe Russia-sponsored hackers launched the cyberattack, with information like personal employee data and internal emails possibly exposed.
“It is noted that the hacking attack was probably committed by the Russian special services,” Ukrainian interior ministry official Artem Minyailo was quoted as saying by a number of sources. “The national police has initiated the creation of a joint international investigation team, to which FBI representatives have already been invited by the ministry.”
At the time of writing, the government job portal “vulnerability” has already been fixed, local officials claim, so personal data belonging to job applicants is no longer exposed. The site has fully recovered and is running normally.