Information for potentially affected individuals

You may have heard about a recent data security incident involving our recruitment software, which is used by leading employers in Australia. The incident has been contained for over a month, and PageUp has been safe to use since.

About the incident

We continue to work with the Australian Cyber Security Centre (ACSC), Australian Federal Police and multiple independent expert cyber security firms to address the incident. The forensic investigation is ongoing. Whilst there is evidence that some data was accessed, at this stage, there is no evidence of data having left the PageUp system. The Office of the Australian Information Commissioner, ACSC and IDCARE have released a joint statement regarding this incident.

You can read the full statement on the website of the Office of the Australian Information Commissioner.

You can read updates regarding the incident and ongoing investigation on the PageUp website here.

PageUp is unable to edit or remove any individual or company’s data. However, if you have any questions or enquiries not covered on this page or our FAQ, please contact us on: security-enquiries@pageuppeople.com.

What can I do?

Good security practices

If you are concerned your data may have been accessed by an unauthorised party, we advise you perform the following good security practices:

  • Change your passwords on other online services, if you re-use the same password
  • Enable multi-factor authentication and other available security measures provided by your other online services
  • Be aware of potential phishing emails and telephone calls from businesses or institutions requesting your personal details.
  • Avoid opening attachments from unknown senders via email or social media
  • Install anti-virus software and keep it updated
  • Apply all recommended software patches from operating system and software providers.
  • Other resources:
    • The Australian Government runs the SCAMwatch website, https://www.scamwatch.gov.au/ which contains information about different types of scams, and what you can do if you think you have been scammed
    • You can also report scams to the Australian Cybercrime Online Reporting Network (ACORN). https://www.acorn.gov.au/about-acorn
    • The UK Information Commissioner’s Office website, https://www.ico.org.uk provides advice around managing your data
    • Many banks, phone companies and other service providers include information on their websites about how to detect and avoid scams

Review your applicant data

Reset your password

You can access the applicant portal to reset your password via the careers website of the organisation you applied for, provided their website is available, and they have a link ‘Existing applicant login’ or similar.

  1. Go to the existing applicant login page (on the careers website of the organisation where you applied for a job)*
  2. Click on Don’t know your password link below the Login button
  3. Enter the email address that you originally applied with and click ok
  4. A message will be displayed on screen confirming the email address that the reset password email has been sent to
  5. Check your email inbox and open the email
  6. Click the URL in the email and a new browser window or tab will open
  7. Enter the code found in the reset password email into the first field
  8. Enter your new password in the second field, ensure the password strength meets minimum criteria – Minimum 8 character including 1 alpha and 1 numeric value
  9. Re-enter your new password in the third field
  10. Click Save
  11. You will then be redirected to the Login page, a message will display to confirm the password change and you will also receive an email confirming the password reset
  12. Enter your email and re-enter the new password to login

*If you are unable to access the careers website of the organisation you applied for, or if a login link is unavailable, please contact the organisation you applied for directly.

View your information

You can view your applicant data (e.g. profile, applications) for the organisation that you applied for a job with, by logging in to your applicant portal on the careers website of the organisation you applied for, provided their website is available, and they have a link ‘Existing applicant login’ or similar.*

*If you are unable to access the careers website of the organisation you applied for, or if a login link is unavailable, please contact the organisation you applied for directly and they will be able to assist you.

Remove your information

Many employers are reaching out to potentially affected individuals, so keep an eye on your email inbox for those communications. If you haven’t received a communication from a particular employer you think you have applied for a job with, you can reach out to their HR department and ask them if they still hold your personal data. Only the organisation that uses the PageUp platform can share information about that data, and only you or that organisation can remove that data. PageUp is unable to edit or remove data on behalf of individuals or clients.

Important: Removing information is permanent and irreversible. Any in-progress job application and previous applications may be removed from the system for the organisation you applied for.

If you have previously accepted an offer or are an existing employee of the organisation, you will not be able to self-serve to remove your account from the system. If this is the case – the organisation you applied to will be best-placed to assist you. Please contact them directly.

You can remove your applicant data related to the organisation that you applied for a job with by logging into the applicant portal on the careers website of the organisation you applied for a job with, provided their website is available, and they have a link ‘Existing applicant login’ or similar.*

  1. Access the login page (on the careers website of the organisation you applied for).*
  2. Login to your account. (If you do not know your password, please click Don’t know your password? and follow the prompts.)
  3. From your Applicant portal home page, click Account in the top right corner.
  4. Click Remove account
  5. You will be taken to a confirmation page and must provide a reason for removing your account
  6. Click Remove account
  7. A confirmation will display, click Close window

*If you are unable to access the careers website of the organisation you applied for, or if a login link is unavailable, please contact the organisation you applied for a job with directly.

You can view the Mandatory Breach Notification filed with the Office of the Australian Information Commissioner on 12 June 2018 here. (Please note the Notification was filed on 12 June 2018 and our website contains the most current information.)

Book Demo