'Job website hit by major breach' diff viewer (0/1)

This article is from the source 'bbc' and was first published or seen on January 27, 2009 13:02 (UTC). It will not be checked again for changes.

You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/7853251.stm

The article has changed 2 times. There is an RSS feed of changes available.

Previous version 1 Next version

Previous version 1 Next version

Version 0	Version 1
Job website hit by major breach	Job website hit by major breach
2009-01-27 13:10:58 UTC	2009-01-28 11:31:52 UTC (about 22 hours later)
Hackers are believed to have stolen the personal details of millions of people using the online job site Monster.	Hackers are believed to have stolen the personal details of millions of people using the online job site Monster.
Users around the world have been affected, including the 4.5 million users of the UK site.	Users around the world have been affected, including the 4.5 million users of the UK site.
If all are affected it would make it the biggest data theft in the UK since the details of 25 million child benefit claimants went missing last year.	If all are affected it would make it the biggest data theft in the UK since the details of 25 million child benefit claimants went missing last year.
The recruitment giant has advised people to change their passwords and be on the lookout for phishing e-mails.	The recruitment giant has advised people to change their passwords and be on the lookout for phishing e-mails.
Recruitment sites have proved rich pickings for criminally-minded hackers in the past and it is not the first time Monster has fallen foul of cyber thieves.	Recruitment sites have proved rich pickings for criminally-minded hackers in the past and it is not the first time Monster has fallen foul of cyber thieves.
In 2007, 1.3 million details were downloaded to servers based in Ukraine.	In 2007, 1.3 million details were downloaded to servers based in Ukraine.
Phishing danger	Phishing danger
~~Last year the details of 1.6 million jobseekers ~~was~~ stolen and followed by sustained phishing attacks, where people are fooled into installing malware via links in emails.~~	Last year the details of 1.6 million jobseekers were stolen and followed by sustained phishing attacks, where people are fooled into installing malware via links in emails.
Monster first revealed that its database had been attacked again on 23 January but has remained tight-lipped about the scale of the attack.	Monster first revealed that its database had been attacked again on 23 January but has remained tight-lipped about the scale of the attack.
"We recently learned our database was illegally accessed and certain contact and account data were taken," said Monster senior vice president Patrick Manzo in a statement.	"We recently learned our database was illegally accessed and certain contact and account data were taken," said Monster senior vice president Patrick Manzo in a statement.
He went on to admit that hackers had stolen user names, passwords, telephone numbers and e-mail addresses, alongside demographic data, birth dates, gender and ethnicity.	He went on to admit that hackers had stolen user names, passwords, telephone numbers and e-mail addresses, alongside demographic data, birth dates, gender and ethnicity.
CVs had not been accessed, he said.	CVs had not been accessed, he said.
The statement warned people to be on the look-out for phishing e-mails built around the details surrendered to Monster.	The statement warned people to be on the look-out for phishing e-mails built around the details surrendered to Monster.
"Monster will never send an unsolicited e-mail asking you to confirm your username and password, nor will Monster ask you to download any software tool or access agreement in order to use your Monster account," it read.	"Monster will never send an unsolicited e-mail asking you to confirm your username and password, nor will Monster ask you to download any software tool or access agreement in order to use your Monster account," it read.
Graham Cluley, a senior consultant with security firm Sophos, said hackers armed with details from Monster accounts, could target other online information.	Graham Cluley, a senior consultant with security firm Sophos, said hackers armed with details from Monster accounts, could target other online information.
"It is surprising just how many people use the same password for a variety of sites. They need to change all passwords that are the same as that for their Monster login," he said.	"It is surprising just how many people use the same password for a variety of sites. They need to change all passwords that are the same as that for their Monster login," he said.