Comment by macqm

Paradox.ai hasn't fixed their vulnerabilities for years.

You used to be able to find full conversations with candidates indexed by Google, with PII, resumes, lots of sensitive data.

Now they add a verification step (sometimes) that still leaks the full e-mail and phone number: "We sent you a verification code to your@email.xyz and SMS to 914-555-1212".