thedrifter
08-24-07, 07:41 AM
Monster.com hacked; troop data may be at risk
By Karen Jowers - Staff writer
Posted : Friday Aug 24, 2007 5:53:47 EDT
Military job seekers may be among the 1.3 million people at risk after Internet criminals hacked into the résumé database at Monster.com.
The Defense Department’s transition assistance Web site TurboTAP.org is operated under a contract with Military Advantage, which is part of Monster.com. Those who submit résumés through TurboTAP are directed into Monster.com.
A spokesman for Monster.com could not immediately confirm if military job seekers were affected, and if so, how many. A statement from Monster notes that about 5,000 job seekers of the 1.3 million affected are based outside of the U.S.
Monster.com officials said the thieves used malicious software called Infostealer.Monstres to gain unauthorized access to employer accounts. They obtained access to job seeker information, which Monster.com officials say is limited to the names, addresses, phone numbers and e-mail addresses of job seekers primarily located in the U.S. No other details, including bank account numbers, were uploaded.
Monster.com says the thieves apparently intend to send e-mail disguised as originating from Monster.com, in order to gain the job seekers’ trust, then attempt to convince users to engage in financial transactions or lure them into downloading malicious software — often called “phishing.”
Monster.com officials say the company is in the process of contacting those who may have been affected, with information on precautionary steps to take. Officials said they have identified and shut down the source of the malicious software. They also are working with regulatory agencies and law enforcement authorities.
Monster officials ask job seekers who have received an e-mail that they believe is fraudulent to contact the company through the Web site. See the “Security notice” at the top of the site.
If you have clicked on a link in an e-mail that claims to be from Monster.com, company officials advise running an anti-virus application to remove anything that may have been maliciously installed in your computer. Contact a Monster.com representative to have your Monster account password changed. If you receive an e-mail purportedly from Monster instructing you to download a tool or update your account or access agreement, contact Monster to verify the legitimacy.
Ellie
By Karen Jowers - Staff writer
Posted : Friday Aug 24, 2007 5:53:47 EDT
Military job seekers may be among the 1.3 million people at risk after Internet criminals hacked into the résumé database at Monster.com.
The Defense Department’s transition assistance Web site TurboTAP.org is operated under a contract with Military Advantage, which is part of Monster.com. Those who submit résumés through TurboTAP are directed into Monster.com.
A spokesman for Monster.com could not immediately confirm if military job seekers were affected, and if so, how many. A statement from Monster notes that about 5,000 job seekers of the 1.3 million affected are based outside of the U.S.
Monster.com officials said the thieves used malicious software called Infostealer.Monstres to gain unauthorized access to employer accounts. They obtained access to job seeker information, which Monster.com officials say is limited to the names, addresses, phone numbers and e-mail addresses of job seekers primarily located in the U.S. No other details, including bank account numbers, were uploaded.
Monster.com says the thieves apparently intend to send e-mail disguised as originating from Monster.com, in order to gain the job seekers’ trust, then attempt to convince users to engage in financial transactions or lure them into downloading malicious software — often called “phishing.”
Monster.com officials say the company is in the process of contacting those who may have been affected, with information on precautionary steps to take. Officials said they have identified and shut down the source of the malicious software. They also are working with regulatory agencies and law enforcement authorities.
Monster officials ask job seekers who have received an e-mail that they believe is fraudulent to contact the company through the Web site. See the “Security notice” at the top of the site.
If you have clicked on a link in an e-mail that claims to be from Monster.com, company officials advise running an anti-virus application to remove anything that may have been maliciously installed in your computer. Contact a Monster.com representative to have your Monster account password changed. If you receive an e-mail purportedly from Monster instructing you to download a tool or update your account or access agreement, contact Monster to verify the legitimacy.
Ellie