Jobs site in ‘Monster’ security breach

28 Jan 2009

Recruitment websites are now on the frontline of a new epidemic in identity theft, following the hacking of – the largest case of cyber fraud in the UK in history.

It is understood hackers stole personal information on 4.5 million job hunters.

Information stolen includes user names, passwords, telephone numbers and email addresses.

The news comes just a year and a half after Monster’s US parent was infected by a virus called “infostealer” and more than 1.6 million records were stolen.

It also occurred just a week after the largest US credit card payments processor – Heartland Payment Systems – had its systems breached by malicious software.

In Ireland, a smaller version of the calamity that struck Monster was played out last March when several CVs were downloaded illegally from All site members whose CV was downloaded illegally were contacted immediately by and alerted to the hacking.

The hacking of recruitment websites casts a cruel dimension in terms of the current economic difficulties worldwide. Many of the 4.5m users whose details have been hacked by data thieves are just ordinary people seeking work, many of whom may have been recently made redundant and have put their trust in the recruitment site to get their careers back on track.

Instead they now fall prey to data thieves who could try and use their details to take out loans based on the identities of unsuspecting victims.

With security breaches becoming more and more the norm it is clear that organisations that put themselves in a situation where they are responsible for securing private individuals’ data will need to rethink their security policies from the ground up.

By John Kennedy

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years