PageUp, an Australian company that provides HR software, informed customers this week that it launched an investigation on May 23 after detecting suspicious activity on its IT infrastructure.
The firm’s analysis of the incident revealed on May 28 that hackers may have gained access to names, contact information, usernames, and password hashes. Documents, such as signed employment contracts and resumes, should be safe as they are stored on different servers.
“There is no evidence that there is still an active threat, and the jobs website can continue to be used. All client user and candidate passwords in our database are hashed using bcrypt and salted, however, out of an abundance of caution, we suggest users change their password,” said Karen Cariss, CEO and co-founder of PageUp.
While the company has only shared limited technical information regarding the incident, it did say that the attack involved a piece of malware. The breach has been investigated by both law enforcement and cybersecurity experts. Cybersecurity organizations and data regulators in Australia and the United Kingdom have been notified.
PageUp says it has 2.6 million active users across over 190 countries. Some of the company’s customers have notified job applicants and shut down their online recruitment pages following the incident.
Australia Post, which has been using PageUp since October 2016, highlighted that in the case of individuals whose applications were successful, bank details, tax file numbers and other sensitive information was also stored on PageUp servers. There is no evidence, however, that this data has been accessed by hackers, Australia Post said.
Wesfarmers-owned supermarket chain Coles has shut down its careers website and issued a statement saying it has suspended all connections between its systems and PageUp while an investigation is conducted. Other Wesfarmers retailers, including Kmart, Target and Officeworks, have also shut down their careers websites.
Australian telecoms giant Telstra has also suspended its online recruitment system due to the breach at PageUp. The company warned successful applicants that their date of birth, employment offer details, and pre-employment check outcomes were stored on PageUp systems.
The incident also impacts logistics and supply chain company Linfox and private health insurer Medibank, both of which have suspended their careers pages.
Several universities in the United States also use PageUp. However, at the time of writing, none of the U.S. universities listed on PageUp’s testimonials page have issued security alerts or suspended their online recruitment systems.
Related: Delta, Sears Hit by Card Breach at Online Services Firm
Related: Major Canadian Banks Investigating Data Breach Claims

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Hive Ransomware Operation Shut Down by Law Enforcement
- UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
- Dozens of Cybersecurity Companies Announced Layoffs in Past Year
- Security Update for Chrome 109 Patches 6 Vulnerabilities
- New Open Source OT Security Tool Helps Address Impact of Upcoming Microsoft Patch
- Forward Networks Raises $50 Million in Series D Funding
Latest News
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- Microsoft Urges Customers to Patch Exchange Servers
- Iranian APT Leaks Data From Saudi Arabia Government Under New Persona
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Cyberattacks Target Websites of German Airports, Admin
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
