HigherMe has not experienced any data breaches, but it is our responsibility to ensure that our clients are aware of how to stay safe while using our software.
A hacked email account puts both you and your email contacts at risk for identity theft and financial fraud, which can be scary. If a hacker is able to access your inbox, they can roam freely and see which services you use. For example, if a hacker sees Facebook email notifications in your inbox, that tells them that you have a Facebook account. The same is true for services like HigherMe. Once a hacker knows which services you use, they may be able to reset your passwords for those services and access more of your accounts.
If a hacker gains access to your employer accounts on sites like HigherMe, ZipRecruiter, Indeed, and others, they may be able to post fraudulent job ads. These fraudulent ads can be used to obtain hundreds of applicants' personal information, including their full names, email addresses, mailing addresses, and phone numbers. If you subscribe to our onboarding service or another HRIS platform, a hacker may even be able to access your employees' SSNs/SINs and legal information.
HigherMe is here to help you stay safe online to minimize this risk!
| 👀 Here are some possible situations to look out for: |
- Your email was hacked
- You noticed password reset emails in your inbox that you did not request
- There are jobs on your account that you didn't post
- There are users on your account that you didn't add
- There are jobs in your account that don't match your industry (e.g., remote jobs, call center representative jobs, etc.)
- There are boost campaigns on your account that you didn't initiate
|
| If you have any suspicion that you've been hacked, please let us know immediately so we can help you. |
| 🫶 Our tips to help protect you and your applicants: |
- Always log in and visit our website directly: www.app.higherme.com/login
- Consider using a password manager, and don't share passwords if you can avoid it! You should use a strong, unique password for each of your online accounts.
- When possible, enable two-factor authentication (2FA) – especially for your email accounts! 2FA helps verify that the person logging into your account is the true account owner. You'll often have the option to receive a 2FA code via SMS or through an app such as Google Authenticator or Authy.
-
Never click suspicious links in email or texts. Phishers often send links that look legitimate but that, when clicked, allow them to steal your information.
-
Don't give out sensitive information via email or text. Email is convenient, but it's not a secure channel for information like SSNs/SINs, bank account numbers, credit card numbers, or passwords – even as attachments. A bank or similar service should never ask for this information via email.
-
Keep your operating system up to date on your computer and any other mobile devices. The same goes for updating apps – updates often include security improvements, so it's smart to install them right away!
- Secure your router and Wi-Fi network. Make sure you change the admin password for your router and set a strong Wi-Fi password.
-
Consider using a VPN on your computer and your phone. VPNs encrypt your internet connections, allowing for more private internet use.
- If you can help it, avoid logging into your accounts on public computers (like at a hotel or a library) or public Wi-Fi networks. Public computers are accessible to many people, which introduces the risk that someone can put keyloggers or other malware on them.
|
Please email any questions or security concerns to friends@higherme.com.