Monster Hacked Again; 4.5 Million Records Stolen

Jan 27, 2009
This article is part of a series called News & Trends.

The Monster hack, first reported late last week, is making news worldwide, with news agencies in the U.K. and elsewhere reporting that 4.5 million users of the job board, including users in the United Kingdom and elsewhere, had their data compromised. The company told The Times, a London newspaper, that personal information such as addresses, names, birth dates, and other “demographic information” was stolen. Hackers also managed to get user IDs and passwords.

A Monster spokeswoman declined to comment on the number of records affected, but said it included some U.S. users. Monster’s non-career sites (such as the European site JobPilot and sites in Asia Pacific and in Eastern Europe) were not affected.

Monster has posted a warning on its homepage linking to a letter explaining the intrusion. Dated Jan. 23rd and signed by Patrick Manzo, Monster’s Global Chief Privacy Officer, the letter warns users they may be subject to “phishing” expeditions, in which they receive emails sent by the hackers but appearing to come from Monster, directing them to download malicious software or provide additional confidential information.

A similar warning has been posted to the USAJobs site, the official job board of the U.S. federal government. The site is powered and managed by Monster; thus, the profiles and other data of its users may have been illegally accessed.

This latest breach follows an August 2007 hack in which 1.7 million user records, nearly all from the U.S., were downloaded. That security breach only became public after a security company posted the news to its website, forcing Monster to admit the intrusion days after it knew the breach had occurred.

This time, it was Monster itself that disclosed the hack and provided details about the type of information that was accessed. The Monster spokeswoman said no resumes or customer transactional data were compromised. However, recruiters, like job seekers, are urged to change their passwords and to keep an eye out for phony Monster emails. The posted letter contains additional guidance.

Monster received better marks this time for its reporting of the breach. NetworkWorld, a tech-focused publication for network administrators, analyzed Monster’s disclosure letter and compared it to the warning the company sent out after the 2007 hack. The publication had Roger Nebel, director of strategic security for FTI Consulting, review the Monster warning; he considered it “adequate: Not bad, but could be better.”

“There are no details about how they were hacked, nor steps taken to prevent it again,” NetworkWorld quotes Nebel as saying. “While I don’t expect them to necessarily tell us gory details, there should at least be some context, be it human error, a zero-day attack, vendor issue, etc.”

News of the attack has been widely published on tech sites and news sites in Europe and elsewhere, including in Turkey and India.