{"id":5442,"date":"2025-05-24T04:18:00","date_gmt":"2025-05-24T03:18:00","guid":{"rendered":"https:\/\/villpress.com\/?p=5442"},"modified":"2025-05-24T13:19:50","modified_gmt":"2025-05-24T12:19:50","slug":"naukri-fixes-security-flaw-that-exposed-recruiter-emails-on-mobile-apps","status":"publish","type":"post","link":"https:\/\/villpress.com\/fr\/naukri-fixes-security-flaw-that-exposed-recruiter-emails-on-mobile-apps\/","title":{"rendered":"Naukri Fixes Security Flaw That Exposed Recruiter Emails on Mobile Apps"},"content":{"rendered":"<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/villpress.com\/goto\/http:\/\/Naukri.com\">Naukri.com<\/a>, one of India&#8217;s largest job portals, recently patched a security vulnerability that exposed recruiter email addresses through its mobile applications. The bug, found by independent cybersecurity researcher Lohith Gowda, was tied to the platform\u2019s Android and iOS apps API.<\/p>\n\n\n\n<p>The issue came to light when Gowda noticed that recruiter email IDs were visible to anyone whose profile was viewed via Naukri\u2019s mobile interface. This flaw did not extend to the desktop website, keeping it unaffected.<\/p>\n\n\n\n<p>Speaking with TechCrunch, Gowda warned that the leaked emails could be exploited for targeted phishing, spam attacks, and data scraping. \u201cThis kind of exposure makes it easier for bad actors to gather emails into breach databases or use them for scams,\u201d he said.<\/p>\n\n\n\n<p>TechCrunch verified Gowda\u2019s findings before reporting the issue to Naukri, which promptly addressed the vulnerability. Naukri confirmed the fix on Friday, stating it had taken steps to improve system resilience.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Security Teams Act Swiftly to Seal the Breach<\/h2>\n\n\n\n<p>Alok Vij, the head of IT infrastructure at InfoEdge\u2014the parent company of <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/villpress.com\/goto\/http:\/\/Naukri.com\">Naukri.com<\/a>\u2014shared that all necessary security enhancements were rolled out. \u201cOur teams have not detected any abnormal activity impacting user data integrity,\u201d he assured in a statement to TechCrunch.<\/p>\n\n\n\n<p>Vij also mentioned that Naukri conducts regular audits and assessments to safeguard its platform. Some features of recruiter profiles are intentionally public to inform job seekers about who\u2019s viewing their information, he added.<\/p>\n\n\n\n<p>Founded in 1997, Naukri.com has played a vital role in connecting job seekers with recruiters across India. The platform also operates under the name Naukrigulf.com in the Middle East, expanding its reach beyond Indian borders.<\/p>\n\n\n\n<p>This latest incident serves as a reminder of the risks associated with API vulnerabilities, especially on mobile platforms that process high volumes of user interactions. Even a minor lapse in security can potentially expose sensitive information to unwanted threats.<\/p>\n\n\n\n<p>As phishing and scam tactics evolve, platforms like Naukri must remain vigilant. Email addresses of recruiters are particularly valuable as they can lead to fraudulent communications posing as legitimate job offers.<\/p>\n\n\n\n<p>Gowda emphasized the need for responsible disclosure and quick action in such cases. He commended Naukri for fixing the bug quickly after being notified.<\/p>\n\n\n\n<p>While no misuse of the data has been reported so far, users\u2014especially recruiters\u2014are encouraged to stay alert, use spam filters, and report suspicious activity. Naukri\u2019s swift response demonstrates the importance of ethical hacking and proactive cybersecurity in the tech industry.<\/p>","protected":false},"excerpt":{"rendered":"<p>Naukri.com, India&#8217;s leading job portal, fixed a security bug in its Android and iOS apps that exposed recruiter email addresses.<\/p>","protected":false},"author":1,"featured_media":5443,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[83],"tags":[356],"ppma_author":[331],"class_list":{"0":"post-5442","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tech","8":"tag-naukri"},"authors":[{"term_id":331,"user_id":1,"is_guest":0,"slug":"pastakutmanwen","display_name":"Villpress Insider","avatar_url":{"url":"https:\/\/villpress.com\/wp-content\/uploads\/2025\/05\/Logo.png","url2x":"https:\/\/villpress.com\/wp-content\/uploads\/2025\/05\/Logo.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/posts\/5442","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/comments?post=5442"}],"version-history":[{"count":1,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/posts\/5442\/revisions"}],"predecessor-version":[{"id":5444,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/posts\/5442\/revisions\/5444"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/media\/5443"}],"wp:attachment":[{"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/media?parent=5442"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/categories?post=5442"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/tags?post=5442"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/villpress.com\/fr\/wp-json\/wp\/v2\/ppma_author?post=5442"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}