Recruiter Page falls victim to huge cyber attack

More than 700,000 job-seekers on the books of recruitment giant Michael Page had their details hacked in one of the biggest security breaches to hit a British firm, the Evening Standard can reveal.

An email to job-seekers from Page’s marketing director Eamon Collins warns that “an unauthorised third party illegally gained online access” to sensitive data just days ago.

Although Page, a FTSE 250 company valued on the stock market at £1.2 billion, insists the hackers had no “malicious intent”, it admits that the security breach is “deeply disappointing and of serious concern”.

Coming days after Tesco Bank revealed that 40,000 accounts had been hacked and money stolen, possibly by internet gangsters based in Brazil, this latest incident will heighten concern about web security.

Page says email addresses, passwords, phone numbers and private job applications were all accessed.

Collins said in the email to job-seekers: “We will continue to work to understand fully how the breach has occurred and to ensure it does not happen again.”

One of the affected Page Group job-seekers told the Standard: “My personal details were breached — not good. First Tesco, now this. What’s next? The internet is not secure at all.”

The company says it worked “non-stop” with IT provider Capgemini to fix the issue — 711,000 accounts were affected in all, some in the Netherlands and China.

“Because of the nature of the data, there is limited risk of fraudulent activity,” Page said. “We requested that the third party destroys all copies of the data and they have confirmed they have already done so.”

No party involved would confirm the identity of the hacker, but it is understood that this is not the first time they have targeted a major group.

Cliff Moyce at tech consultants DataArt said: “This type of occurrence — personal, sensitive and confidential information becoming discoverable through clicking on certain commands within websites — is endemic.