UK recruitment website Monster has revealed that the personal details of up to 4.5 million users have been stolen by a hacker but failed to give the exact number of compromised accounts.
It is not the first time that Monster's database is hacked and it is possible that the same culprits that managed a similar heist back in August 2007 (when they downloaded 1.6 million accounts to Ukrainian servers) went back again.
The database was apparently compromised on the 23rd of January and the actual method used has yet to be revealed. In the August 2007 attack, Monster employees were tricked into installing Trojan malware on their computers which helped the attackers break-in.
These carefully-crafted attacks are different from the usual ones as they are custom made for their victims and are much more difficult to eradicate. The company has already announced that it will launch an internal investigation and has taken "corrective steps".
It is believed that the hackers went away with names, passwords, telephone numbers, email addresses, birth dates, gender, locations of both employers and job seekers. The resume database, a huge goldmine, has not been accessed though.
In a statement published on their website dating last week, Monster explains that they had "recently learned [that] our database was illegally access and certain contact and account data were taken” but add that “sensitive data such as social security numbers or personal financial data".
Go To Page 2 for our comments and more related links
This couldn't come at a worse time as people will be flocking to job seeking websites to look for jobs. One of the main issues arising from the hack is the fact that someone could potentially have had a dormant Monster account compromised. Be wary about any Monster.co.uk emails you will receive in your inbox from now on.
Hackers steal data from job company