JobStreet

We've observed a consistent trend of older breaches resurfacing in aggregated data dumps, often amplified by their inclusion in password cracking attempts and credential stuffing lists. What caught our attention wasn't the age of the JobStreet breach itself, dating back to March 2012, but its repeated appearance in recent compilations targeting Southeast Asian users. The data, while not new, continues to pose a risk due to password reuse and the increasing sophistication of automated attack tools. The persistence of this older data underscores the long tail of risk associated with legacy breaches.

JobStreet Data from 2012 Continues to Fuel Credential Stuffing Attacks

In October 2017, the Malaysian tech site lowyat.net reported on a massive data dump being sold on their forums, comprised of multiple breaches, including data from the JobStreet job search website. The breach, which occurred in March 2012, exposed the data of 1,787,973 users. While the breach is over a decade old, the compromised data continues to circulate and poses an ongoing risk to affected individuals and organizations. The information is frequently incorporated into larger password cracking and credential stuffing lists, increasing the likelihood of successful account takeovers on other platforms where users may have reused passwords.

Key point: Total records exposed: 1,787,973

Key point: Types of data included: Email Address, Username, Phone Number, Birthdate, First Name, Last Name, Password Hash

Key point: Sensitive content types: PII

Key point: Source structure: Database

Key point: Leak location(s): Breach Forums, Telegram channels, various online dumpsites

Key point: Date of first appearance: 07-Mar-2012 (breach date), October 2017 (public reporting)

The JobStreet breach has been discussed on various online forums and security communities. For example, older threads on sites like lowyat.net detail the initial discovery and analysis of the leaked data. This breach has also been referenced in discussions about large-scale data aggregations and password cracking efforts, highlighting its continued relevance in the threat landscape. The breach data is often bundled with other older breaches, making it difficult to track the exact source of the compromised credentials. This aggregation effect amplifies the risk, as attackers can leverage a wider range of compromised data to target specific individuals or organizations. The fact that this data is still actively traded and utilized underscores the importance of proactive password management and monitoring for compromised credentials.

Email · Address · Username · Phone · Number · Birthdate · First · Name · Last · Password · Hash