Job Board Trade Group Forms Task Force to Address Safeguarding Job-Seeker Data

Monster’s woes over the illegitimate use of its resume service may be the most public of job board security breaches, but it is far from the only one. Many of the job boards attending the International Association of Employment Web Sites congress in San Francisco last week admitted to having been the target of attacks by hackers, spammers, phishers, and others.

“All of our members are being attacked day in and day out,” explains Peter Weddle, executive director of the job board trade group. “There were a lot of kimonos being opened up,” a reference to the candidness of the conversation.

The half-day congress was the second since the IAEWS was formed more than a year ago. It happened to coincide with the August disclosure that Monster’s resume database had been accessed and contact information for some 1.3 million job-seekers had been stolen. The information was then used to send official looking notices to many of the job-seekers in an attempt to get them to give up confidential information — a scheme known as phishing. Others also got notices that appeared to come from Monster inviting them to download software that would actually steal personal data.

While most of the 80 or so attendees represented job boards that compete at some level with Monster, Tony Lee, a panel moderator at the conference and an executive with job board vendor Adicio, said there was little evidence of schadenfreude. “Everybody was asking, ‘What do we do?'” Lee reports. “I was impressed by the camaraderie and dedication of the people there.”

Both he and Weddle said it was obvious from the discussion that the problem of improper access and use of job-seeker data is broad. Hacking into a system and stealing data may be the most spectacular of security breaches, but less obvious are the problems with companies that harvest job-seeker data for the purpose of soliciting new clients or spamming them. “It’s a key challenge to our industry,” says Weddle. “It’s a magnitude greater than the media knows.”

Article Continues Below

To address the problem, the IAEWS set up a working group that, among other things, will help the industry better educate employers on safeguarding passwords and job-seeker data. It will also set up a sort of “early warning system,” as Weddle describes it, by which each job board that has been the subject of an attack or phishing scheme can report it so others can take security steps against the specific attack.

As challenging as it can be to stay a step ahead of the phishers, scammers, and others, the bigger challenge of the congress may well have come from Richard Nelson Bolles, author of “What Color Is Your Parachute?”, the job-hunting manual that revolutionized job hunting.

“Stop thinking exclusively about job searching,” was Bolles’ advice to the job boards, says Weddle. In terms of career development, Bolles challenged the group to rebrand themselves as “career support sites” where workers can turn for help with networking, professional development, setting their career goals, and advice overcoming career roadblocks.

John Zappe is the editor of TLNT.com and a contributing editor of ERE.net. John was a newspaper reporter and editor until his geek gene lead him to launch his first website in 1994. He developed and managed online newspaper employment sites and sold advertising services to recruiters and employers. Before joining ERE Media in 2006, John was a senior consultant and analyst with Advanced Interactive Media and previously was Vice President of Digital Media for the Los Angeles Newspaper Group.

Besides writing for ERE, John consults with staffing firms and employment agencies, providing content and managing their social media programs. He also works with organizations and businesses to assist with audience development and marketing. In his spare time  he can be found hiking in the California mountains or competing in canine agility and obedience competitions.

You can contact him here.

Topics