Are Job Search Platforms Putting Your Data at Risk? | eSecurity Planet
Threats
SHARE
Facebook X Pinterest WhatsApp

Are Job Search Platforms Putting Your Data at Risk?

A new Incogni study found that many job-search platforms sell candidate data and use AI tools that raise privacy concerns.

Written By
Ken Underhill
Ken Underhill
Jun 18, 2026
5 minute read
eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Millions of Americans turn to job-search platforms every year to find new opportunities, but a recent study suggests many may be unknowingly trading away significant amounts of personal data in the process. 

Incogni’s study found that most popular job-search platforms collect, share, and sell user information, often beyond what job seekers expect.  

“Eight out of the nine investigated job-search and networking platforms sell user data (according to the CCPA definition of a data sale),” Incogni researchers said in their analysis.

“Job seekers put out a lot of sensitive data on these platforms, showcasing not only their entire work experience, but also their full address, phone number, or veteran status, hoping to find new work opportunities,” said Darius Belejevas, cybersecurity expert and CEO of Incogni, in an email to eSecurityPlanet.

He explained, “Yet they are not fully aware that they are sharing their PII data with a variety of third-party entities that are not directly connected to the potential employers.”

Darius added, “In the eyes of a nefarious actor, this data is an open book that can lead to spear phishing attacks and create major disruptions for the individual and future and past employers.“

Key Takeaways of Data Privacy on Job Search Platforms

  • Most major job-search platforms share user data beyond employers, and 8 of 9 evaluated platforms sell user data under the CCPA’s definition of a data sale.
  • More than one-third of job seekers create profiles on multiple platforms, while nearly 40% never delete their accounts after finding a job.
  • Thirty-seven percent of surveyed job seekers believed their information was only shared with prospective employers, highlighting a significant privacy awareness gap.
  • AI is becoming more embedded in recruiting, with nearly one-third of job seekers using AI tools and several platforms deploying AI-powered candidate screening capabilities.
  • Most privacy policies were written at a college-graduate reading level and took an average of 35 minutes to read, making it difficult for users to understand how their data is collected and shared.

How Data Collection and AI Are Expanding Privacy Risks

The findings reveal a significant gap between what job seekers believe happens to their personal information and how job-search platforms actually handle that data. 

According to Incogni’s survey of 1,000 Americans who used job-search platforms within the last five years, 37% of respondents believed their information was only shared with prospective employers. 

However, researchers found that most major job-search and networking platforms also share data with advertisers, affiliates, business partners, marketers, and other third parties.

To better understand these privacy risks, Incogni evaluated nine leading job-search and professional networking platforms across 17 privacy-related criteria. 

The assessment examined factors including data collection and sharing practices, AI usage, tracking technologies, transparency, regulatory actions, and previous security incidents. 

The results suggest that many job seekers may underestimate the extent to which their information is collected, distributed, and retained throughout the recruitment ecosystem.

The study also found that job seekers often increase their own exposure without realizing it. 

More than one-third of respondents reported creating profiles on multiple job-search platforms, expanding the number of organizations with access to their personal information. 

At the same time, nearly 40% said they never delete their accounts after finding employment, potentially leaving resumes, employment histories, contact information, and other sensitive data stored indefinitely across multiple services.

Advertisement

How AI is changing the recruitment process 

Researchers identified additional privacy concerns stemming from the growing use of artificial intelligence (AI) in recruitment. 

Nearly one-third of respondents reported using AI-powered tools to create or optimize resumes and job applications. 

Meanwhile, platforms including LinkedIn, Indeed, and SimplyHired have introduced or are developing AI-driven capabilities that help employers review, summarize, rank, and evaluate candidates.

While these tools can improve efficiency and streamline hiring workflows, they also create additional opportunities for applicant data to be processed, analyzed, and retained by automated systems. 

The study found that more than 60% of respondents feel they are increasingly writing resumes for algorithms rather than human hiring managers, highlighting how AI is reshaping the job application process.

LinkedIn’s AI screening tools raise additional questions 

LinkedIn’s emerging AI-powered screening features drew particular attention from researchers. 

The platform is testing automated interview capabilities that generate questions, analyze candidate responses, and provide hiring teams with AI-generated summaries. 

Although designed to accelerate recruiting, these technologies raise broader questions about transparency, potential bias, data retention practices, and how automated systems influence hiring decisions.

Privacy policies themselves may also present a barrier to informed decision-making. 

Researchers found that nearly half of respondents either skim or do not read privacy policies at all. 

Even for users who attempt to review them, understanding the implications can be difficult. 

Most of the privacy policies evaluated in the study were written at a college-graduate reading level and required an average of 35 minutes to read in full. 

As a result, many users may struggle to fully understand how their personal information is collected, shared, and used. 

Advertisement

How Organizations and Job Seekers Can Reduce Risk

The research offers several suggestions for both job seekers and organizations that manage employee recruitment.

Steps for Job Seekers

  • Limit the number of job-search platforms you use to reduce data exposure across multiple services.
  • Remove dormant profiles and accounts once your job search is complete to minimize long-term privacy risks.
  • Review privacy settings and opt out of data sales, targeted advertising, and AI data processing where available.
  • Avoid including unnecessary personal information on resumes and profiles, such as full addresses or other sensitive details.
  • Use a dedicated burner email address and phone number (e.g., Google Voice number) for job searches to reduce spam, phishing, and other unwanted outreach.
  • Be cautious of recruiter messages and job offers that request sensitive information, payment, or unusual actions.

Steps for Organizations

  • Conduct third-party risk assessments of recruitment platforms to evaluate their security, privacy, and AI governance practices.
  • Establish clear applicant data retention policies and securely delete candidate information when it is no longer needed.
  • Review how AI-powered hiring tools collect, process, and store applicant data before deploying them.
  • Minimize the collection of candidate information to only what is necessary for hiring and compliance purposes.
  • Include contractual safeguards that require data protection, breach notification, and limits on data sharing or resale.
  • Monitor third-party recruitment providers for changes in privacy practices, security incidents, and regulatory compliance.

Monitoring third-party relationships, reviewing vendor privacy practices, and maintaining clear data retention policies can help reduce risks associated with applicant data.

Advertisement

Bottom Line

As organizations increasingly adopt AI-driven recruitment tools and rely on third-party hiring platforms, the amount of personal data flowing through the hiring ecosystem continues to grow. 

The Incogni study suggests that many job seekers remain unaware of how broadly their information may be shared, retained, and used beyond the hiring process itself. 

For security teams, HR leaders, and job seekers alike, the findings serve as a reminder that candidate data should be treated with the same level of scrutiny as customer and employee information. 

As privacy regulations evolve and AI becomes more deeply embedded in recruitment workflows, transparency, data minimization, and responsible data governance will be critical to maintaining trust and reducing risk.
Ken Underhill

Ken Underhill is an award-winning cybersecurity professional, bestselling author, and seasoned IT professional. He holds a graduate degree in cybersecurity and information assurance from Western Governors University and brings years of hands-on experience to the field.

eSecurity Planet Logo

eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.

facebook
linkedin
x

Company

About us Contact us Advertise with us

Categories

Best Products Resources Networks Cloud Threats Trends Endpoint Applications Compliance

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information