Monster security fiasco - literally
Job warehouse Monster has had an ongoing security nightmare, with hackers infiltrating the database and pilfering usernames, passwords, and email addresses with which to launch phishing attacks.The worst part? Monster doesn’t know how bad the problem is! From an email sent to me this morning (note the bolded portion):
As you may be aware, the Monster resume database was recently the target of malicious activity that involved the illegal downloading of information such as names, addresses, phone numbers, and email addresses for some of our job seekers with resumes posted on Monster sites. Monster responded by conducting a comprehensive review of internal processes and procedures, and notified those job seekers that their contact records had been downloaded illegally.The Company has determined that this was not an isolated incident. Despite ongoing analysis, the scope of this activity is impossible to pinpoint. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a “phishing” email that attempts to acquire sensitive financial information. This has been the case in similar attacks on other websites.
Ouch. Ouch. Ouch.
Verisign is hounding me …
Verisign is driving me nuts emailing me and phoning me. Just to make it perfectly clear:
- I don’t want your PDF white papers on internet security.
- I don’t want your SSL certificates.
- I don’t want your emails.
- I especially don’t want your phone calls from “sales executives.”
Hrm … now that’s off my chest I feel marginally better. Until the next call starting off with “Hello, this is $salesguy calling from Verisign. How are you?”Worse than I was before you called.
-
-
About
Sparkplug 9 is John Koetsier's blog on life, the universe, and everything,
but mostly the stuff you see big in the tags to the left.
Welcome, enjoy, buy the T-shirt, take a picture, tell your friends. -
Virtual me
-
Blogroll