To tell or not to...

  ajm 12:10 PM 26 Nov 10

To cut a long story short, I have come across a recruitment agency's web-site where it is possible to view candidate's CVs.

Whilst I wish to inform the agency concerned about this, I also do not want to blamed for accessing this.

What is the best way to inform them or just leave it as it and don't bother?

  uk-wizard 17:16 PM 26 Nov 10

Go to a phone box - if you can find one that works - and phone them.

  Forum Editor 18:40 PM 27 Nov 10

is let them know - unless the people concerned have given consent the operators of the site are inadvertently breaching the data protection laws.

No blame can attach to you because you discovered the error.

  ajm 05:37 AM 28 Nov 10

The CV and data can be seen when a certain url is entered for the domain. As the site was designed using opensource software ( Wordpress), and with a bit of knowledge that anyone familiar with WordPress, it was possible to see this data.

I was only able to see the data out of curiosity as I was doing some research for a client of mine who also operates a recruitment agency and I was interested in the source for the web-site and in particular the wordpress plug used.

I am surprised that the web-designers / developers did not set the security of this site. Other sites made by the same company using WordPress seem to be secure.

My own site and a few others I have created were also tested and these are secure.


This thread is now locked and can not be replied to.

Surface Pro 4 UK release date, price and specs: Thinner, lighter, faster with new Type Cover and Pen

1995-2015: How technology has changed the world in 20 years

Territory delivers realistic NASA screens for The Martian - as they will be in 20 years time

21 brilliant tips for Mac OS X El Capitan: The best new Mac features in OS X 10.11