Investigation regarding misconfigured storage component

Summary

An open call applicant informed us on December 2, 2022, of an issue affecting the documents attached to an application.
The issue resulted in the potential overwriting of other users' documents, and, as a side effect, unauthorised access to those documents.

Upon being notified of the issue, the component was secured and the issue was resolved. We have directly notified the affected customers.

Customer impact

The attached files are related to some applications submitted to the specific opportunity. The issue was caused by an unintentional misconfiguration of a document storage component and was not the result of a security vulnerability.
We are working to improve our processes to prevent this type of misconfiguration further and perform additional due diligence to investigate and ensure the security of all OnePass components.

We have focused our attention on directly notifying impacted applicants and providing them with instructions for contacting us and/or the open call manager with questions or concerns.

If you did not receive a related message from us, our investigation did not identify an impact on you or your application.

Title

Are you sure you want to remove your member request for ?

Yes
Cancel

🍪

This site uses cookies and other tracking technologies to assist with navigation, analyse your use of our products and services, and assist with our promotional and marketing efforts.