To tell or not to...

  ajm 26 Nov 10

To cut a long story short, I have come across a recruitment agency's web-site where it is possible to view candidate's CVs.

Whilst I wish to inform the agency concerned about this, I also do not want to blamed for accessing this.

What is the best way to inform them or just leave it as it and don't bother?

  uk-wizard 26 Nov 10

Go to a phone box - if you can find one that works - and phone them.

  Forum Editor 27 Nov 10

is let them know - unless the people concerned have given consent the operators of the site are inadvertently breaching the data protection laws.

No blame can attach to you because you discovered the error.

  ajm 28 Nov 10

The CV and data can be seen when a certain url is entered for the domain. As the site was designed using opensource software ( Wordpress), and with a bit of knowledge that anyone familiar with WordPress, it was possible to see this data.

I was only able to see the data out of curiosity as I was doing some research for a client of mine who also operates a recruitment agency and I was interested in the source for the web-site and in particular the wordpress plug used.

I am surprised that the web-designers / developers did not set the security of this site. Other sites made by the same company using WordPress seem to be secure.

My own site and a few others I have created were also tested and these are secure.


This thread is now locked and can not be replied to.

Should I upgrade to Windows 10? 8 reasons why you should upgrade to Windows 10... and 2 why you…

We are being sold the ability to spend money we don't have. And we love it

IKinema aims to banish droopy shoulders and wonky spines in animated CG characters

How to use Apple Music in the UK: Complete guide to Apple Music's features

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message