Monster.com hid the security breach for 5 days

Identity Theft - Phishing : Monster.com hid the security breach for 5 days

Posted by Max on 2007/8/24 8:29:54 (1443 reads)

Monster.com postponed five days the public disclosure of a security infringement that resulted in the theft of private information from some 1.3 million job candidates, a company executive has said.

Hackers broke into the US online recruitment site's password-protected CV library using credentials that Monster Worldwide said were stolen from its clients, in one of the biggest internet security breaches in recent memory.

They launched the attack using two servers at a web-hosting company in Ukraine and a group of personal computers that the hackers controlled after infecting them with a malicious software program known as Infostealer.Monstres, said Patrick Manzo, vice president of compliance and fraud prevention for Monster.

The company first learned of the problem on 17 August, when investigators with internet security company Symantec told Monster it was under attack, Manzo said.

He said: "In terms of figuring out what the issue was, that was a relatively quick process. The other issue is you want to make sure exactly what you are dealing with."

His security team spent the weekend investigating, located the rogue servers, and got the web-hosting company to shut them down some time either late in the evening on 20 August, or early in the morning of 21 August, he said.

Manzo also said that based on Monster's review, the information stolen was limited to names, addresses, phone numbers and email addresses, and no other details including bank account numbers were uploaded.

On 21 August, Symantec published a report on its website that said it had found copies of scam emails that the engineers of the attack were using, with the aim of getting information that was more valuable than just names, addresses and phone numbers of Monster.com users.

Pretending to be sent through Monster.com from job recruiters, the emails asked recipients to provide personal financial data including bank account numbers. They also asked users to click on links that could infect their PCs with malicious software.

Their ultimate goal in taking the data from Monster.com was to gain enough personal information to lower the guards of target victims when they read the emails, said Patrick Martin, a senior product manager with the Symantec's response team in Austin, Texas, which first identified the attack.

He said: "It gives these spam emails just a little bit of credibility. These guys were trying to get financial information from people."

It wasn't until a day after Symantec issued that report on its website that Monster began to tell users about the data theft. In a notice posted on Monster.com on Wednesday, the job-search site warned that users might be the target of email scams.

The following day, Monster then announced that the details of some 1.3 million job seekers had been stolen. Fewer than 5,000 of those 1.3 million users affected are based outside the US, it said in a statement.

Previous article - Next article

Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.