Monster.com attack hits federal job search site
Cybercrooks who raided Monster.com's database also pilfered the personal information of an estimated 146,000 from USAJobs, the US government's official job search site. Monster Worldwide is the technology provider for the USAJOBS website, so the recent attack on Monster.com's systems also exposed the contact information of …
I know my USAJOBS info got swiped. My junk mail box has been covered up in "transfer agent" jobs for days.
Monster.com sucks and so do the USAJOBS guys. You should spend the 2mins to read their warning about the breach. It's highly contradictory and furthers my view any Govt should not do IT outsourcing. Critical projects should always be handled internally.
R.S.
I find it amazing that Monster gets attacked, and has had information stolen from lots of candidates, and then they have the guts to send an email to all Monster users about how to be safe online, and not to do this or that.
They claim they are taking steps to be more secure in the future, even though they also admit they already had a security breach previously.
I can't believe they don't spend money trying to protect their users info. What a bunch of losers.
I have news for you, "Monster teaching".
Most companies with web sites don't know how to protect the databases they make accessible from the internet. Companies are started by businessmen, not security experts. Businessmen tend to believe what their security consultants tell them.
In general, business people don't spend money on avoiding risks unless they've seen the bad things happen once already, to themselves, someone they know, or someone in the newspapers.
So the "losers" are those who trustingly put their personal details on a website with a silly name, expecting that some businessman just out to make money would also spend it trying to protect the information of millions of strangers.
Now that the disaster has happened, things may get a little tighter in future. But don't bet your life on it.
don't mix DATABASE security and trojan that has(ve?) stolen passw0rds.
Security of their servers may be good ( I say MAY BE ), but this is internal breach. It is more dangerous, because (as I believe) only one of thousands securty consultans create roles with limited access to information.
Sorry for my bad english and big HELLO to all from Russia :)
Sign up, sign up for The Register's weekly IT security newsletter - click here
