• On The Insider: Britney's Bikini-Clad Top 10
advertisementGet Smart about Business Spending
January 26, 2009 10:45 AM PST

User data stolen from job site Monster

by Elinor Mills

User information, including passwords, has been stolen from job site Monster, the company has announced.

(Credit: Monster)

Monster's database of user account information--which includes user IDs, passwords, e-mail addresses, names, phone numbers, and some demographic data--was illegally accessed and information was taken, the company said on Friday.

The information that was stolen did not include resumes or sensitive information like Social Security numbers and financial data. But someone could use the data that was breached to contact Monster users and use social engineering to trick them out of their information.

Monster is urging its users to visit the site and change their password. As a matter of policy, Monster does not send unsolicited e-mail asking users to confirm usernames and passwords or to download anything.

Job sites are a likely target during an economic downturn, security firm AppRiver said in a recent report on spam and other Internet security threats.

More information on security tips is available on the Monster security Web page.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Privacy & data protection

Tags:

security,

breach,

Monster

Share:
Digg
Del.icio.us
Reddit
advertisement
Click here!
Recent posts from Security
Microsoft to fix holes in Windows, Office
Google privacy controls: Most people won't care
Zero-day flaw found in Web encryption
Mac Game: Art project or malware?
Corporate bank accounts targeted in online fraud
Hacker breaks into jailbroken iPhones, asks for $7
Malwarebytes accuses rival of software theft
Security firm M86 acquires Finjan
Related
ChoicePoint to pay $275,000 in latest data breach
Fake Facebook e-mail contains Trojan
Bank Trojan botnet targets Facebook users
Hacked Web mail accounts used to send spam
Corporate bank accounts targeted in online fraud
Monster Turbine Pro earphones scream style
Amazon lets shoppers pay with a phrase
RoboForm password manager for iPhone faces hurdles
Add a Comment (Log in or register) (6 Comments)
  • prev
  • 1
  • next
by Michichael January 26, 2009 4:22 PM PST
Well crap, guess I need to change my passwords. Been three months anyway.
Reply to this comment
by dfulbright January 26, 2009 4:53 PM PST
So, did actual plain-text passwords get stolen? Why on earth would ANY site store actual passwords, instead of hashes?
Reply to this comment
by btljooz January 27, 2009 12:50 PM PST
Ain't this just GRAND????? Monster got hacked the exact same way back in mid 2007. Did they NOT _*LEARN*_ a single THING about Security?????????

BTW: Did ya'll know that http://jobsearch.usajobs.gov/ is "powered" by Monster???? OOOOh, YES!!!!! ANY one who has there info there is also a victim. I know because I had my info on usajobs at one time....until I got the notification letter from them that my personal info had been compromised and why.
Reply to this comment
by btljooz January 27, 2009 12:53 PM PST
OOOPS! ptyo..tyop...TYPO!!! alert. Sorry but:

>>>ANY one who has there info there is also a victim.<<<

SHOULD read:

>>>ANY one who has *their* info there is also a victim.<<<
Reply to this comment
by btljooz January 27, 2009 1:06 PM PST
Hey, look what I found:

USAJOBS - Security Alert

http://www.usajobs.gov/securityNotice.asp
Reply to this comment
by chili_picante January 28, 2009 7:37 AM PST
Hey, Monster: Why am I reading about this at CNet, instead of getting a notice from you about the breach! Does anyone know if all usernames and passwords were exposed, or just some?
Reply to this comment
(6 Comments)
  • prev
  • 1
  • next
advertisement

FAQ: Buying the right Windows 7 upgrade

Readers still have lots of questions on just which version of the software they need to buy in order to upgrade their PC. CNET News tries to offer some answers.

N.Y. lawsuit details Intel's 'largesse' toward Dell

Attorney General Andrew Cuomo's federal antitrust case filed Wednesday alleges a longstanding symbiotic relationship between Intel and Dell.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET