Monday, February 2, 2009

Crackers steal Monster.com database

In what must feel like a final kick in the teeth for the recently redundant, job site Monster.com is warning users that crackers have breached their servers and made off with personal data.

According to an article on BetaNews, the company has been breached by persons unknown with databases containing details of its customers – including names, user details, passwords, e-mail addresses, physical addresses, telephone numbers, and what the company described as "some basic demographic data" – being purloined for purposes perverted.

A note on the site dated January 23rd explains that the company "recently learned [that] our database was illegally access and certain contact and account data were taken" but assures users that "sensitive data such as social security numbers or personal financial data" was not included in the breach. Monster.com has also ascertained – although it isn't clear how – that so far the digital thieves have not made use of the data, and has vowed to "continually [monitor] for any illicit use of information in our database."

The company is advising those affected by the breach – which is everyone with a user account on the Monster.com site or the US-based USAJobs.gov site – to change their password immediately.

This isn't the first such attack the company has suffered: in August 2007 crackers nabbed around 1.3 million account details which were later used to target phishing attacks in an attempt to gain financial data, and towards the end of 2007 ne'er-do-wells were able to plant malware download triggers on certain pages on the site.

Any Monster.com users here worried at the thought of their personal data going walkies in these times of financial trouble, or is the limited data kept by the company not worth anything anyway? Share your thoughts over in the forums.

0 comments: