Fasttrack Customers Third-Party Breach (May 2021)

📅 2021-05-01 🏢 Fasttrack Recruitment

Incident Details

A UK recruitment firm exposed sensitive applicant data for months. FastTrack Reflex Recruitment recently joined the ranks of other companies that have been affected by data leaks due to misconfigured AWS S3 buckets. The breach chiefly affected applicants whose CVs, which contained personal information, were leaked, reports the research team at Website Planet. Attached to numerous CVs were the personal IDs of applicants, including passports, citizen ID cards, driver’s licenses, and skilled worker IDs. All of these constitute direct and indirect applicant PII. Examples of directly identifiable PII include the following:

Note that configuring the server is the responsibility not of Amazon but of FastTrack, the company using it as a public cloud storage resource. Third-party company: Fasttrack Recruitment.

Technical Details

Initial Attack Vector: Compromise of third-party service provider / vendor relationship
Vendor / Product: Fasttrack Recruitment
Supply Chain Attack: ✅ Confirmed third-party / vendor compromise

Timeline

  1. 2021-05-01 Breach occurred
  2. 2021-05-20 Publicly disclosed