IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Millions of jobseeker details stolen in Monster hack

The job recruitment website Monster has suffered a data breach which some reports have claimed is the biggest in British history.

Job recruitment website Monster has been hacked, with details from the 4.5 million users of Monster.co.uk stolen.

Contact and account details were lost, including user IDs, passwords, email addresses, names, phone numbers, and basic demographic data. Fortunately, the breach did not include sensitive details like social security numbers or personal financial data.

Upon learning of the theft, Monster initiated an investigation and took active steps to correct the problem with the help of law enforcement. So far, the company claimed that it has not seen any misuse of the stolen information.

However, Monster users may soon be required to change their passwords upon logging onto the site, and it was also recommended that they proactively changed it in the meantime.

Monster decided not to send email notifications to avoid the risk that the messages would be used a template for phishing emails targeting job seekers. It warned users not to accept unsolicited emails asking for a Monster username and password.

Security experts have said that users should be aware that the information taken from Monster alone was not enough to attack bank accounts, but that it was nevertheless a very worrying breach of security.

Jay Heiser, Gartner research vice president, said: "It is the case that the criminal community is hoovering up large amounts of personal info and correlating it, functioning as some sort of underground information bureau."

He added: "The fact that most people do use the same password on multiple sites means it is possible for that password information from Monster to be available to attackers, along with information from other sources, to attack bank accounts."

He also said that users should never assume that a Software as a Service (SaaS) offering was safe, unless they were given evidence that it was. He said that consumers had no way of knowing how safe a site was, and shouldn't put anything on it that would harm them if it was stolen.

Heiser also said that this should serve as a warning to businesses. He said: "If what you do involves information that you can't afford to lose, or you don't want stolen, then you need to be given evidence by the service provider that they are taking security into account."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022