Monster Identity Theft Impacts 1.6 Million
Monster.com, a leading U.S. based resume search service, was the
recent victim of a computer hack which impacts as many as
1,600,000 people according to the security firm Symantec.
According to the story reported by the Out-Law blog, hackers
used a Trojan Horse to access Monster.com by impersonating
"The Trojan appears to be using the (probably stolen)
credentials of a number of recruiters to login to the
website and perform searches for resumes of candidates
located in certain countries or working in certain
fields," said Symantec...
The story further sheds light into what sensitive personal
information was compromised to what will likely be future
identity theft potential:
"The personal details of those candidates, such as
name, surname, email address, country, home address,
work/mobile/home phone numbers and resume ID, are
then uploaded to a remote server under the control of
the attackers," it said. "This remote server held over
1.6 million entries with personal information belonging
to several hundred thousands candidates, mainly based
in the US, who had posted their resumes to the
Monster.com web site."
Following the typical pattern of companies which have
allowed consumer data to be exposed to identity theft,
the usual process of issuing press releases claiming
no harm has been done has begun:
"We are not aware of any cases of identity theft. In fact,
the information that is gathered from Monster is no
different than that displayed in a phone book," said
Patrick Manzo, vice president of fraud prevention
and compliance at Monster.
Perhap, but are you willing to bet some enterprising
identity theft hackers would not have gone through all
of the effort to steal sensitive consumer data if it were
already widely available from any phone book?
So, our tip for today is for any consumers who have
or currently utilize the services of Monster.com.
Contact the firm immediately to verify your personal
information has not been compromised. Plus, even
if Monster.com does not admit to your data having
been illegally accessed by the identity thieves, it is
highly prudent for you to immediately institute credit
monitoring as well to conduct a background search
of your good name.
The cost of inaction, in this case, can ultimately end
up costing you far more.
Final end note, make sure to tell your friends of this
large scale computer hack which has the potential for
the largest identity theft case this summer.