OfflineI got the following email from Monster yesterday. Something has changed, because my CV is hidden on monster, but suddenly I've started getting loads of calls. What does this mean? It means Monster's entire database has been compromised, CV's, contact details, everything, and recruitment agencies have been smart and quick to get hold of them. This is going to cost Monster MILLIONS of pounds.
[=Verdana, Arial, Helvetica, sans-serif]Dear Valued Monster Customer,
Protecting the job seekers who use our website is a top priority, and we value the trust you place in Monster. Regrettably, opportunistic criminals are increasingly using the Internet for illegitimate purposes. As is the case with many companies that maintain large databases of information, Monster is from time to time subject to attempts to illegally extract information from its database.
As you may be aware, the Monster CV database was recently the target of malicious activity that involved the illegal downloading of information such as names, addresses, phone numbers, and email addresses for some of our job seekers with CVs posted on Monster sites. Monster responded to this specific incident by conducting a comprehensive review of internal processes and procedures, notified those job seekers that their contact records had been downloaded illegally, and shut down a rogue server that was hosting these records.
The Company has determined that this incident is not the first time Monster's database has been the target of criminal activity. Due to the significant amount of uncertainty in determining which individual job seekers may have been impacted, Monster felt that it was in your best interest to take the precautionary steps of reaching out to you and all Monster job seekers regarding this issue. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a "phishing" email that attempts to acquire financial information or lure job seekers into fraudulent financial transactions. This has been the case in similar attacks on other websites.
We want to inform you about preventive measures you can take to protect yourself from online fraud. While no company can completely prevent unauthorised access to data, we believe that by reaching out to job seekers like you, the Company can help users better defend themselves against those who have attacked Monster as well as other databases.
We are committed to maintaining an ongoing dialogue with all of our job seekers about Internet security and the steps Monster is taking to protect its job seekers. The Company has placed a security alert on Monster sites offering information to educate you about online fraud. This information can be found at [=Verdana, Arial, Helvetica, sans-serif]http://help.monster.co.uk/besafe[/]. We have also included information on Internet safety and examples of fraudulent "phishing" emails at the bottom of this letter.
Monster has launched a series of initiatives to enhance and to protect the information you have entrusted to us. Some of these steps are being immediately implemented, while others will be put into place as appropriate.
We believe these actions are the responsible steps to protect[/]
[=Verdana, Arial, Helvetica, sans-serif] the trust you place in Monster. We are also working with Monster's hundreds of thousands of employer customers to ensure a safe and effective online job search. We will continue to share information with you about the enhancements we are making as we serve as your online career resource partner. We invite you to keep reading to learn more about how to use the Internet safely.
Sincerely,
Sal Iannuzzi
Chairman and CEO
Monster Worldwide[/]
Delicious
Digg
StumbleUpon
Recruitment agencies "have been smart"???:eek:
Here is a reply I got from Monster when I put it to them:
Hello Chris,
Thank you for contacting Monster.co.uk. I apologize for the inconvenience caused to you.
While we can not absolutely confirm with 100% certainty that your data was not amongst those affected, please keep the following points in mind:
- The information that is gathered from Monster is not different that displayed in a phone book - i.e. generic contact information.
- To the best of our knowledge, this is not a ?hack? of Monster?s security - rather, legitimate customer credentials are being used to log in to the database.
- Many of the media reports refer to this as an issue of ?identity theft?. We are not aware of any cases of identity theft.
- To continuously combat fraud, Monster has implemented a sizable, dedicated Task Force that is fully committed to protecting the integrity of Monster?s products and services, and most importantly - our customers and site visitors.
- The Task Force continually monitors our resume database to detect and terminate access that appears unusual or could potentially be fraudulent. Furthermore, we continually implement and refine our site technologies to identify unauthorized or inappropriate access our resume database.
We are cautioning Monster site visitors to be on alert for phishing email that appear to be from Monster that asks the recipient for personal information or to download a new tool. If you receive an email of this nature, please do not comply; instead, report it immediately. So that we may investigate and take action, please forward the email with full header information to . Instructions on obtaining header information can be found at: http://www.spamcop.com/help_with_headers/.
The Monster Security Center is available on the homepage (http://help.monster.com/besafe/), and this tool provides more tips for conducting a safe and effective job search as well as how to identify fraudulent email.
I would like to inform you that I have verified your Monster account and found that you have a CV posted on Monster. The CV is titled "VBA Access PHP SQL Professional, Experienced Developer" and is viewable by employers.
Do contact us if you need any further help and I will be glad to assist you.
Regards,
Kiran
Monster Seeker Support
Can you sue?
I'm ex directory.. so the info on monster IS different to what's in the phone book.