Near the end of last week, Monster.com was informed by Symantec Corp that its server had been attacked by hackers.
The hackers launched the attack from two servers located in the Ukraine and a network of computers that had been infected with Infostealer.Monstres using credentials stolen from one of the website's clients to gain access to the password-protected resume library that contains personal information of over 1.3 million job seekers.
It took five days from the initial attack
for Monster to inform its user base of the incident. An entire day after Symantec had published a report on its website.
Patrick Manzo, vice president of compliance and fraud prevention for Monster said that only names, addresses, phone numbers, and email addresses were stolen from the company but Symantec claims that was only part of what the hackers intended.
In the report issued by Symantec, apparently scam emails were uncovered that were designed to get even more information from the users. The contact information stolen from the servers was used to help make the scam emails more trustworthy so that the hackers could obtain more valuable information such as bank account numbers.
"It gives these spam e-mails just a little bit of credibility
," said Patrick Martin, a senior product manager with Symantec's response team in Austin, Texas. "These guys were trying to get financial information from people
Fewer then 5,000 of the 1.3 million people affected are based outside the United States.
Monster has said that it has posted letters to all those affected just in case they were weary of opening up any emails from the company.
With the security breaches at large corporations and lost/stolen laptops from government agencies, are you ever the more careful about where you post your personal data? What steps do you take to help safeguard yourself from identity fraud? Let us know in the comments section below or over in the forums