Monster puts kibosh on rogue server
Malicious attackers beware, a Monster may be coming after you.
After a malicious attackers pilfered job candidate information from its job seeker database, Monster located the attacker's rogue server and pulled the plug, the company announced Wednesday. But fallout from that episode remains.
The hooligans, who loaded a Trojan horse called Infostealer.Monstres on the company's resume database, got access to job candidates' names, addresses, phone numbers and e-mail addresses.
They weaseled their way in by gaining access to a legitimate log-in credential reserved for employers, via a computer that had been infected with the malicious software.
Now, Monster is assessing the extent of the damage. The company is investigating the number of job seekers who were affected and will be contacting them. Monster is also offering information on avoiding online scams, phishing and fraud during a job search.
Dawn Kawamoto covers enterprise security and financial news relating to technology for CNET News. E-mail Dawn. 
- Monster Rogue Server Problem
- by bjayers August 25, 2007 12:39 PM PDT
- I became aware of this early on and is exactly why I have not posted my resume on Monster for my current job search. Monster clearly is not doing a good job in securing their database.
- Like this Reply to this comment
-
-
- Monster's debacle
- by pslm46vs10 August 27, 2007 12:54 PM PDT
- Woa! I'm glad that i get the security newsletter, otherwise i'm not sure I would have known about this. I've been getting calls from people claiming that they got my information from a resume site such as Monster, Career Builder, etc, and that I'd requested information from them. I DID NOT! I'm wondering if this was the cause of those calls?
- Like this
-
(3 Comments)