ShellCodeX Breach Report
JobStreet Data Breach
jobstreet.com
Verified breach
Passwords exposed
Accounts exposed
3,883,455
Breach date
07 Mar 2012
Added to tracker
30 Oct 2017
Data classes
12
What happened
In October 2017, the Malaysian website lowyat.net ran a story on a massive set of breached data affecting millions of Malaysians after someone posted it for sale on their forums. The data spanned multiple separate breaches including the JobStreet jobs website which contained almost 4 million unique email addresses. The dates in the breach indicate the incident occurred in March 2012. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers including names, genders, birth dates, phone numbers, physical addresses and passwords.
Exposed data
Dates of birth
Email addresses
Genders
Geographic locations
Government issued IDs
Marital statuses
Names
Nationalities
Passwords
Phone numbers
Physical addresses
Usernames
Recommended actions
- Change your JobStreet password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing JobStreet — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP