Monster hit with theft of client data

Monster hit with theft of client data

Attackers using a Trojan horse stole more than 1.6 million records belonging to users of Monster Worldwide's online job search service, the company acknowledged last week.

The malicious program, called Infostealer.Monstres, utilised the pilfered data to send users phishing e-mails that plant malware on their machines, said researchers at Symantec.

The stolen records include the names, email addresses, home addresses, phone numbers and résumé identification numbers of 1.3 million users of Monster's services, said Amado Hidalgo, senior security response manager at Symantec.

The theft was discovered on August. 17, and last Thursday disclosed that it found a remote server used by the attackers to store the stolen information.

"Monster has identified and shut down a rogue server that was accessing job seeker contact information through unauthorised use of compromised legitimate employer-client log-in credentials," New York-based Monster Worldwide said in a statement.

"The company is currently analysing the number of job seeker contacts impacted by this action and will be communicating with those affected as appropriate," the statement said.

Hidalgo said that the legitimate log-ins were likely stolen from recruiters and corporate human resources personnel.

For more detail on the hack go the "Features section" on this site.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.



Show Comments