Monster.com database looted
sprkymrk
Member Posts: 4,884 ■■■□□□□□□□
I debated on whether to post this here or in the security forums, but figured people might have their resumes on monster who aren't interested in security.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032518&pageNumber=1
Here is the information on monster.com's site:
http://help.monster.com/besafe/
Anyone here possibly affected by this? Fortunately I have never had my resume on any of these kind of sites.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032518&pageNumber=1
Monster's resume database was looted, and the personal information taken was used to forge convincing messages that deposited password-stealing Trojans and ransomware on users' PCs.
Here is the information on monster.com's site:
http://help.monster.com/besafe/
Anyone here possibly affected by this? Fortunately I have never had my resume on any of these kind of sites.
All things are possible, only believe.
Comments
-
JDMurray Admin Posts: 13,092 AdminWasn't this just for people that recently applied for jobs through Monster postings? My resume has been on Monster for years, but there's no information associated with it that isn't already public. I hope people aren't including things like their SSN and visa numbers in the private info on Monster.
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□What it looks like to me is that the stolen information was very basic "contact" information (name, city, email, title, etc.) that was then used for "targeted phishing". The idea was that it looked like it came from a semi-trusted source (monster) so the target was more likely to fall for the scam, whether it was additional information to use to steal identity and/or money, or to trick someone into downloading a keylogger trojan.All things are possible, only believe.
-
JDMurray Admin Posts: 13,092 AdminIt looks like the personal information stolen from Monster.com is being used to target people as mules for transferring money to Russia using Western Union. The promise of fast, easy money is the bait. The information was obtain using valid Monster.com legitimate employer-client login credentials and a hacked server. No word yet if it was an inside job.
PC World - Stolen Monster Data Put to Bad Use -
Babietech Member Posts: 53 ■■□□□□□□□□sprkymrk wrote:I debated on whether to post this here or in the security forums, but figured people might have their resumes on monster who aren't interested in security.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032518&pageNumber=1Monster's resume database was looted, and the personal information taken was used to forge convincing messages that deposited password-stealing Trojans and ransomware on users' PCs.
Here is the information on monster.com's site:
http://help.monster.com/besafe/
Anyone here possibly affected by this? Fortunately I have never had my resume on any of these kind of sites.
I had my resume on Monsters.com and when I heard about the news on the TV, I immediately, deleted my resume off the site. Unfortunately, I couldn't delete my whole user account. -
JDMurray Admin Posts: 13,092 AdminBabietech wrote:I had my resume on Monsters.com and when I heard about the news on the TV, I immediately, deleted my resume off the site. Unfortunately, I couldn't delete my whole user account.