A major US TV broadcaster leaked over a million sensitive files online

Security padlock and circuit board to protect data

(Image credit: Getty Images)

CyberNews researchers discover data leak belonging to Valley News Live
An unprotected dataset with 1.8 million records has been discovered
The data primarily affects job applicants to the firm

An unprotected dataset has been discovered online containing 1.8 million files, including over a million CVs.

The dataset was discovered by CyberNews researchers, who suspect that the data comes from Valley News Live’s job portal, which attracts up to 250,000 monthly visitors.

Researchers confirmed the personally identifiable information (PII) exposed contained full names, phone numbers, email addresses, home addresses, social media links as well as employment and education backgrounds.

Applicants at risk

Valley News Live is a television station based in Fargo, North Dakota, and is owned by Gray Media, a large conglomerate which owns or operates 180 stations across the US in 113 markets - and is the third-largest broadcaster in the US.

Anyone who has recently touched up their CV can probably understand just how much danger that might put a victim in, as the amount of PII required to build them could easily put someone in danger of social engineering attacks or identity theft.

The researchers warned many of the discovered CVs spanned numerous years, covering a period between 2017 and 2024, which outlines just how many are at risk.

The dataset was discovered online on August 31, 2024, and the initial disclosure notice was sent to the firm on September 17, 2024.

“The exposed data includes highly sensitive personal identifiers, creating numerous attack vectors for cybercriminals, where personal information can be used to create synthetic identities or fraudulent accounts,” the researchers said.

Anyone who has applied for a job at the firm or who believes they might be at risk from this or any leak, should be vigilant in monitoring their cards, and should be extra careful when receiving any unexpected communications.

For businesses, our full advice on what to do after a data breach can be found here.

Check out our list of the best firewall software around today
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
We've also rounded up the best antivirus on offer right now

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.