The job services company Experian has stopped providing email support to its customers following the discovery of a security flaw in the software that controls its automated job search feature.
The company said on Tuesday it would begin requiring email account login to access its job services.
The security flaw could allow a malicious user to remotely login to a job site and perform a “maliciously damaging” action, Experian said in a blog post.
The breach was discovered after it was discovered that a new exploit could be exploited in the JobSvc application, which is used by the job agency to manage applicants’ job postings and offers job listings.
The vulnerability allowed an attacker to “remotely access” a job-search database, which in this case would have been a database used to store job-related data.
It was not immediately clear how much of the company’s IT infrastructure was affected by the problem, although the breach affected about 600 employees.
The exploit, called the “Ransomware.
Mate”, was described as a “highly sophisticated, sophisticated, highly malicious attack” by security researcher Bruce Schneier.
He told ZDNet that he believed the exploit was capable of remotely gaining control over the target’s machine, as well as stealing passwords and credentials for the job search software.
“The job-service company that was affected in this incident is now having to deal with the consequences of this malicious attack and the fact that their users can’t access their jobsite and their jobsites are not functioning as they should be,” he said.
“They have to pay attention to this.”