A major US TV broadcaster leaked over a million sensitive files online

News
By
published

Valley News Live job applicants could be at risk

Security padlock and circuit board to protect data
(Image credit: Getty Images)
  • CyberNews researchers discover data leak belonging to Valley News Live
  • An unprotected dataset with 1.8 million records has been discovered
  • The data primarily affects job applicants to the firm

An unprotected dataset has been discovered online containing 1.8 million files, including over a million CVs.

The dataset was discovered by CyberNews researchers, who suspect that the data comes from Valley News Live’s job portal, which attracts up to 250,000 monthly visitors.

Researchers confirmed the personally identifiable information (PII) exposed contained full names, phone numbers, email addresses, home addresses, social media links as well as employment and education backgrounds.

Get Incogni at 55% off with code TECHRADAR

Get Incogni at 55% off with code TECHRADAR
Remove your personal information from the internet with ease. Incogni protects your online
identity and reduces unwanted robocalls and spam emails.

View Deal

Applicants at risk

Valley News Live is a television station based in Fargo, North Dakota, and is owned by Gray Media, a large conglomerate which owns or operates 180 stations across the US in 113 markets - and is the third-largest broadcaster in the US.

Anyone who has recently touched up their CV can probably understand just how much danger that might put a victim in, as the amount of PII required to build them could easily put someone in danger of social engineering attacks or identity theft.

The researchers warned many of the discovered CVs spanned numerous years, covering a period between 2017 and 2024, which outlines just how many are at risk.

The dataset was discovered online on August 31, 2024, and the initial disclosure notice was sent to the firm on September 17, 2024.

“The exposed data includes highly sensitive personal identifiers, creating numerous attack vectors for cybercriminals, where personal information can be used to create synthetic identities or fraudulent accounts,” the researchers said.

Anyone who has applied for a job at the firm or who believes they might be at risk from this or any leak, should be vigilant in monitoring their cards, and should be extra careful when receiving any unexpected communications.

For businesses, our full advice on what to do after a data breach can be found here.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.