Another day, another data breach.

Ladders, a job site dedicated to high-level positions with a salary of $100k or more, recently suffered a data breach that exposed over 13.7 million records of candidates’ personal information.

It’s unfortunate, but that’s the sad reality of today. Data breaches are disturbingly common, with the Data Breach Index reporting that 6.3 million data records are stolen every single day.

The breach at Ladders is a potent reminder that recruiting companies, like nearly every organization nowadays, have to consider the enormous liability concerns associated with storing others’ information.

Every Recruiting Company’s Worst Nightmare

It’s not hard to imagine the enormous damage this breach will do to Ladders’ brand and reputation.

Considering that Ladders’ candidate database naturally skews toward affluent professionals, the victims of this breach will be especially high-profile targets for cybercriminals.

According to TechCrunch, the leaked information included “email addresses, postal addresses, phone numbers and their approximate geolocation based off their IP address,” as well as work authorizations, employment history, and current compensation.

The article reported that “more than 379,000 recruiters’ information was also exposed, though the data wasn’t as sensitive.”

Someone Had a Very Bad Day – And it Could Be You or Me Next

Without a doubt, it must be a very stressful work week for those at Ladders. It’s always easy to see disastrous situations like this and move on with our lives in blissful ignorance believing it could never happen to us.

But the data shows that cyberattacks are not a question of “if” but a question of “when.” A 2018 study found that 67% of businesses had experienced a cyber attack in the prior 12 months – and the number of attacks is increasing every day.

Large companies can often roll with the punches when it comes to data breaches. On average, a data breach costs a company a total of $3.86 million. A hefty fee, to be sure, but LinkedIn is still going strong years after over 100 million data records were leaked.

Likewise, Facebook, Microsoft, Toyota, and Amazon have all experienced data breaches and emerged relatively unscathed.

Unfortunately, the same can’t be said for smaller businesses – who are also the biggest target of cyber criminals. In fact, 60% of small to mid-sized businesses that get hacked close their doors within six months.

We Must Double Down on Security Measures

We’re stuck with technology, whether we like it or not. Advanced applicant tracking systems and candidate information databases are now integral components of the recruiting process, and if we tried to ditch these, efficiency and candidate experience would suffer immensely.

And from a big picture perspective, candidate’s don’t want to give up technology either. It’s simply too convenient. It doesn’t matter how many data breaches we experience, your average candidate still wants to apply through the easiest way possible.

Our only choice is to do everything in our power to secure any candidate and client information in our possession. Recruiting companies must ensure our ATS vendors are employing state-of-the-art, fully compliant data security measures.

Furthermore, working with data security experts either in-house or at an IT partner organization is vital for avoiding the catastrophic costs of these breaches.

Cybersecurity is like recruiting: the best approach is proactive, not reactive. It’s time to secure your data – before it’s too late.

The right people, empowered to perform.