Homerun was recently the victim of a cyberattack which caused data of our customers (that were using Homerun to publish job posts and manage job applications) to be exposed to a cyber attacker. This data included files with candidate information that candidates have shared in their job applications.
Since the attack, we fixed the vulnerability in 48 hours alongside an external cybersecurity company, Northwave, so the cyber attacker no longer has access to the data. We've also gone to great lengths to ensure that the stolen data was not made public. We've reached an agreement with the cyber attacker, so we also do not expect this to happen. Northwave has never experienced data being made public in comparable cases after an agreement has been made.
We've informed all our customers who have been affected by this attack and our team has been working around the clock doing everything in our power to do right by all customers and candidates whose data may have been affected.
This is why we're sharing more detailed information about the cyberattack for anyone else who is concerned about what this might mean for them. We hope this provides you with clarity and reassurance about what's happened.
Frequently Asked Questions
How did this happen?
Regrettably, it happens quite often in the tech world that tech companies become targets of cyber attackers. Please know, that we have an experienced and capable team that has done a lot to make Homerun a secure platform. However, it’s almost impossible to be 100% secure. Cyber attackers are extremely smart and in our case they abused a vulnerability in Apache HTTP Server software.
How do I know if I've been affected by this?
We've informed all our customers who have been affected by this. All the candidates that were present in our customer's accounts and that applied before the 20th of October may have been affected in this cyber attack.
Was the affected data made public?
No, the affected data has not been made public, as we reached an agreement with the cyber attacker. In the investigation Northwave ascertained that all copied data has been destroyed and there's no indication it was ever made public. It is not possible to determine this with 100% certainty, however Northwave has never experienced data being made public in comparable cases after an agreement has been made.
I've been informed that my data has been affected by this cyberattack. I have questions about my data.
It's best to reach out to the company that you applied to. We've informed all our customers and they have all the information about the incident.
What measures have been put in place to fix this issue?
Upon discovery, we immediately fixed the vulnerability by upgrading Apache HTTP Server software on all running servers. Northwave has checked and confirmed that this fix is effective against similar attacks.
Should I be worried if I've been informed that my job application data has been affected in this cyberattack?
There's no reason to believe that this cyberattack will lead to phishing attempts being targeted at anyone whose data was affected. Of course, it's always good practice to be careful when receiving unusual emails and text messages as these could be phishing attempts. Nonetheless, Northwave continuously monitors leak sites. They will report back to us if any suspicious activity is detected.