Virgin Media could find itself hauled up in front of the Information Commissioner’s Office after a flaw in its online graduate recruitment site exposed up to 50,000 CVs from job applicants.
The cock-up was spotted by student Alikhan Uzakov, who discovered the issue after posting his application on the site, giving him access to tens of thousands of CVs from past and present job hunters.
The ICO confirmed it is investigating the issue, and released a statement which reads: “The law requires organisations to keep any personal information they hold secure. We are aware of an incident involving Virgin Media and personal data from CVs being publicly available online. We are looking into the details.”
Uzakov reported the flaw to Virgin Media, which quickly plugged the hole but then he went public, although whether his keeness to blow the gaffe will land him a job is not known.
A spokeswoman for Virgin Media told Ars Technica that applications for its graduate scheme had been managed by an unnamed third party: “Virgin Media works with a third party that provides an online application service for graduates wishing to apply for Virgin Media jobs.
“After a vulnerability on the third party company’s website was identified, the website was suspended while the issue was fixed. The service has now resumed. Virgin Media’s systems were not affected in any way.”
To leave a comment please register – it takes less than a minute and is free of charge. You will also get our weekly email update The DM Report (to opt out contact firstname.lastname@example.org). If you are an existing user, please log in. If you have forgotten your log-in details please email email@example.com to get them reset!