CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
January 23rd, 2009

Monster.com And USAJobs.gov Database Breached (Again), Private Data Of Millions Stolen

Monster.com, Massachusetts-based job seekers website, has lost a wealth of personal data belonging to millions of registered users after its database was illegally accessed. Customers names, birth dates, phone numbers, user IDs and passwords, email addresses, sex, and ethnicity have been stolen.

Monster.com strongly urges users to change their login credentials immediately and to be on the lookout for phishing emails. The breach prompted this warning from USAJobs, which looks to Monster to run its website.

The company has decided not to email or phone customers to warn them of the breach, spokeswoman Nikki Richardson said. The only warning is this undated advisory, which users will only know about if they happen to visit the company’s website.

It’s at least the third time Monster.com has put its users at risk after suffering a significant security breach. In August 2007, a Trojan-horse program used employer credentials to steal resume data belonging to about 1.3 million people. Within days, many users started receiving targeted phishing attacks that tried to trick them into downloading malicious software or take jobs as money mules for online crime gangs.

USAJobs.gov’s website said:

“We recently learned that the Monster database was illegally accessed and certain contact and account data were taken, including user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes. The accessed information does not include – sensitive data such as social security numbers or personal financial data.”

People responsible for the breach were not able to access resumes, social security numbers, or personal financial data. The spokeswoman declined to say when or how the breach occurred and said it was still being investigated. Monster states in their release that members will be required to change their password soon.

Share this item with others:

More on CyberInsecure:
  • SQL Attacks Still Inject Websites Including Government Sites In US, UK
  • Cyber Criminals Extract Personal Details From CVs Posted Onto Job Sites
  • Backup Tape With Private Details Stolen From Greensboro Gynecology Associates
  • Government And Private Companies Websites Struggle Against DDoS Attacks
  • Sony PlayStation Network Breached, 77 Million Users Private Data Stolen

    • Posted in Breaches And Incidents, Data Theft, Hacked, Privacy, Targeted Attacks | Print This Post Print This Post

    This entry was posted on Friday, January 23rd, 2009 at 7:29 am and is filed under Breaches And Incidents, Data Theft, Hacked, Privacy, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Monster.com And USAJobs.gov Database Breached (Again), Private Data Of Millions Stolen

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »