Share

Related Links

  • Monster.co.uk
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Top 5 Stories

News

Monster slain by hackers

26 January 2009

Careers website Monster.com and USAjobs.gov, the careers site for the US federal government, have been targeted by hackers, who have harvested user information including IDs, passwords and addresses.

The Monster website contains a statement from Patrick Manzo, senior vice president and global chief privacy officer for Monster Worldwide, who assures users that:
“Immediately upon learning about this, Monster initiated an investigation and took corrective steps. It is important to know the company continually monitors for any illicit use of information in our database, and so far, we have not detected the misuse of this information.”
The statement continues to advise users to change their passwords and be wary of any phishing emails that may be received as a result of the attack.
According to Manzo, CVs were not taken.
Monster act as the technology provider for the USAjobs.gov website, where the above statement is echoed by programme director Mary Volz-Peacock.
Both sites suffered a similar attack 18 months ago when cybercriminals took jobseekers’ details via recruiter accounts using a trojan, resulting in a widespread phishing campaign. Monster allegedly reported the discovery to users five days after the breach was discovered, by which time the data for 1.3 million jobseekers had been uploaded to servers in the Ukraine.
Graham Cluley, senior technology consultant at security firm, Sophos remarked that "There will be a few raised eyebrows about how Monster is choosing to inform its members of this serious security breach. As the company's database was hacked in what appears to have been a similar attack in 2007, customer confidence in the company may be damaged following this latest incident".
A statement issued by Sophos also advised users to use different passwords for each online account they have, noting that research indicates that 41 percent of people use the same password for every website they access.

This article is featured in:
Data Loss  •  Encryption  •  Internet and Network Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×