From: security curmudgeon (jerichoattrition.org)
Date: Mon Jan 26 2009 - 00:28:02 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.pcworld.com/businesscenter/article/158270/monstercom_reports_theft_of_user_data.html

By Nancy Gohring
IDG News Service
January 23, 2009

Monster.com is advising its users to change their passwords after data
including e-mail addresses, names and phone numbers were stolen from its
database.

The break-in comes just as the swelling ranks of the unemployed are
turning to sites like Monster.com to look for work.

The company disclosed on its Web site that it recently learned its
database had been illegally accessed. Monster.com user IDs and passwords
were stolen, along with names, e-mail addresses, birth dates, gender,
ethnicity, and in some cases, users' states of residence. The information
does not include Social Security numbers, which Monster.com said it
doesn't collect, or resumes.

Monster.com posted the warning about the breach on Friday morning and does
not plan to send e-mails to users about the issue, said Nikki Richardson,
a Monster.com spokeswoman. The SANS Internet Storm Center also posted a
note about the break-in on Friday.

USAJobs.com, the U.S. government Web site for federal jobs, is hosted by
Monster.com and was also subject to the data theft. USAJobs.com also
posted a warning about the breach.

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]