While looking for a new job can be enjoyable, it is surely not fun to lose your personal information in the process. In the meantime, the Cybernews investigation team found an unprotected GCS bucket belonging to the talent pool platform beWanted that had more than 1.1 million files.
The company, which has its headquarters in Madrid, Spain, bills itself as "the largest Talent Pool ecosystem in the world." beWanted is a software-as-a-service (SaaS) company that links companies and job seekers. The business maintains offices in the UK, Germany, and Mexico.
The exposed instance was found by the researchers in November of last year. Despite the fact that the relocation temporarily affected service availability, beWanted claims that the company secured the bucket on May 9.
"We prioritized data security. The solution was fully implemented, and the properly secured service was restored last Friday, May 9, 2025. We have been conducting exhaustive internal testing since Friday and can confirm that the solution is definitive. Furthermore, to the best of our knowledge and following relevant investigations, no data leakage has occurred," the company stated.
The researchers claim that resumes and CVs from job seekers make up the vast majority of the files from the more than a million compromised files. The information that was leaked included details that a job seeker would normally include such as Full names and surnames, phone numbers, email addresses, home addresses, dates of birth
national id numbers, nationalities, places of birth, social media links, employment history and educational background.
The researchers believe that a data leak involving over a million files, each of which likely represents a single person, is a serious security issue for beWanted. The fact that the data has been exposed for at least six months exacerbates the situation: hostile actors continue to comb the web for unprotected instances, downloading whatever they can find.
“This exposure creates multiple attack vectors, enabling cybercriminals to engage in identity theft, where personal information can be used to create synthetic identities or fraudulent accounts,” researchers added.
Malicious actors can also use leaked information to create highly personalised and credible-looking phishing attempts, which could result in unauthorised access to financial accounts, passwords, or other sensitive data.
Furthermore, the leaked information highlighted that the problem has worldwide implications. The leaked national ID numbers, for example, are from Spanish, Argentine, Guatemalan, Honduran, and other residents.