Monster website hacked. Theft of millions of Users' info
The thieves got away with names, addresses, phone numbers and e-mail addresses of Monster.com users. The job site said that the thieves did not get any useful financial information such as bank account details in the attack. Monster told the Reuters news agency that it first heard about the attack on 17 August thanks to security firm Symantec. The jobs portal said it managed to shut down the rogue servers used in the attack on 21 August after contacting the Ukrainian company hosting them.
These servers were used to get access to Monster's database using stolen login details. The attackers wanted to get hold of personal information in an attempt to make e-mails supposedly sent by recruitment firms more plausible. By getting people to open the fake e-mails and click on the attachments the thieves aimed to steal more saleable information or hijack an infected machine.
The vast majority of those affected by the attack are based in the US. Monster estimates that fewer than 5,000 people outside the US had their details stolen in the attack. Monster said it had more than 73 million CVs in its database.