UK 
United States
The restaurant chain Chipotle Mexican Grill has been replying to job applicants using a domain which is not owned or affiliated with the company, opening themselves up for a security breach.
According to Krebs On Security, this means that anyone could access and read emails meant for Chipotle’s HR department in America; including candidates applications. The mistake was discovered by IT employee Michael Kohlman after he applied for a job at the restaurant.
Both Ashley Madison and TalkTalk have recently been hacked, with both incidents casting light on how secure companies online materials really are. The measures and precautions in place are definitely now cause for concern for HR departments.
In an interview with Krebs on Security, Kohlman explained the error, saying: “In a nutshell, everything that goes in email to this HR system could be grabbed, so the potential for someone to abuse this is huge.
Continue reading for FREE!
Sign up for a myGrapevine account to get:
- Unlimited access to News content
- The latest Features, Columns & Opinions
- A full range of specialist HR newsletters to choose from
