Job Search Site Reports 'Monster' Data Theft
Posted on: Tuesday, 27 January 2009, 10:35 CST
Several users of the most-used online job site Monster have become victims of a massive data theft, according to a spokesperson from Monster Worldwide Inc.
Monster has about 75 million users, all of which create profiles for themselves that include personal information such as phone numbers, names and e-mail addresses.
"We recently learned our database was illegally accessed and certain contact and account data were taken," said Monster senior vice president Patrick Manzo in a statement.
“Immediately upon learning about this, Monster initiated an investigation and took corrective steps. It is important to know the company continually monitors for any illicit use of information in our database, and so far, we have not detected the misuse of this information.”
Michelle Brown, a company spokeswoman in London said Monster was aware that the “database was accessed and that contact and account data was taken, including user IDs, passwords, e-mail addresses, names, phone numbers and some basic demographic data.”
Monster said it is unable to determine how many of its users’ accounts were jeopardized.
The London Times reported on Tuesday that 4.5 million users’ information had been stolen from the Monster.co.uk Web site, but Brown said Monster is uncertain whether or not users in the UK were affected.
Monster is working with the “appropriate law enforcement authorities,” Brown said.
The breach is the second of its kind this month, as Heartland Payment Systems Inc. – the sixth-largest payment processor in the US – announced on Jan. 20 that its system had been breached by hackers who had access to the system for “longer than weeks” during 2008, said Robert Baldwin, Heartland president and CFO.
The Heartland data breach could be the largest of its kind in history, trumping the huge breach reported by TXJ in 2007. That incident affected 94 million credit card accounts and resulted in $197 million in reserves.
"Our discussions with the Secret Service and Department of Justice give us a pretty good indication that this is part of a group that appears to have done security breaches at other financial institutions," said Baldwin. "This is a very sophisticated attack."
“The criminal community is hoovering up large amounts of personal info and correlating it, functioning as a sort of underground information bureau,” Jay Heiser, a research vice president and security expert at Gartner Inc., said in an e-mailed statement quoted by Bloomberg today.
In a statement, Monster warned its users not to give out any of their personal information, including username or password via e-mail.
"Monster will never send an unsolicited e-mail asking you to confirm your username and password, nor will Monster ask you to download any software tool or access agreement in order to use your Monster account," it read.
---
On the Net:
Source: redOrbit Staff & Wire Reports
Related Articles
- TJX Settles With 41 States Over Data Security Breach
- Verizon Reports Surge In Data Security Breaches
- Heartland Payment Systems Uncovers Malicious Software In Its Processing System
- State Law Will Require Firms to Notify Customers of Data Security Breaches
- Despite Breaches, Companies Seen As Lax on Protecting Data
- Companies Lax With ID Data, Experts Say
- George & Brothers, LLP Announces a Class Action Lawsuit Filed Against AT&T By Texas Journalists and Lawyers; Suit Claims Disclosure of Telephone Data Constitutes Breach of Confidentiality
- CDB Software and DBI Announce Partnership to Enhance Mainframe Data Accountability
- DBI's New Solution Ensures Accountability of Critical Data
- IRS says no data security breaches found
 |
 |
User Comments (0)
RSS Feeds