"Interesting stuff of the Technology, Products and Web 2.0..."

Sunday, January 25, 2009

Data Theft at Monster.com

monster Monster.com is one of the popular online job searching site. Recently monster found the data theft. Some has illegally accessed their database and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.The information accessed does not include resumes.

As a step of security, monster is asking users to change their password after login. Below is a complete post on monster website about data theft written by Patrick Manzo, Senior Vice President, Global Chief Privacy Officer, Monster Worldwide on 23rd January 2009.

   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

January 23, 2009

As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes. Monster does not generally collect – and the accessed information does not include - sensitive data such as social security numbers or personal financial data.

Immediately upon learning about this, Monster initiated an investigation and took corrective steps. It is important to know the company continually monitors for any illicit use of information in our database, and so far, we have not detected the misuse of this information.

In order to help assure the security of your information, you may soon be required to change your password upon logging onto the site. Please follow the instructions on the site. We would also recommend you proactively change your password yourself as an added precaution. We regret any inconvenience this may cause you, but feel it is important that you take these preventative measures.

As a further precaution, we want to remind you that an email address could be used to target “phishing” emails. Monster will never send an unsolicited email asking you to confirm your username and password, nor will Monster ask you to download any software, “tool” or “access agreement” in order to use your Monster account. Monster’s security page, http://my.monster.com/securitycenter, provides users with a substantial amount of information about different types of Internet fraud. We encourage you to review the information to learn more about what you can do to protect yourself on the Internet.

The protection of your data is a high priority for Monster. Our newly redesigned Web site has, and will continue to add, safety and security features to protect your information and we want you to feel confident using it.

We continue to devote significant resources to ensure Monster has appropriate security controls in place to protect our infrastructure, and while no company can completely prevent unauthorized access to data, Monster believes that by reaching out to job seekers, the company can help users better defend themselves against similar attacks.

We truly value the trust you place in Monster and appreciate the opportunity to continue to serve as your online career resource.

Sincerely,
Patrick Manzo

Senior Vice President, Global Chief Privacy Officer
Monster Worldwide

Instructions to change your password:
If you are already logged into your account, you can easily change your password by clicking on Preferences which is located at the top of any page. If you are not logged in, then click on Forgot Password link on the Sign In panel, and Monster will send you an email with instructions to change your password.

   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

No comments: