The saying goes, “Fool me once, shame on you. Fool me twice, shame on me.” Unfortunately for Monster.com, the 2009 attack they suffered was not the first time they were fooled, and this put them in a difficult position. Continue on to find out what happened and learn how they could have dealt with it better.
Job-finding website Monster.com was initially attacked in 2008, and it suffered another in 2009. As a website that directs people to employment opportunities and stores resumes, Monster.com stores a great deal of sensitive information in its database. Cyber criminals were able to download personal data like names and email addresses as well as phone numbers and even home addresses. When it comes to disclosing this information to your users, the process can be tricky.
The PR Challenge
After the first attack, users received correspondences from both Monster.com and US AJOBS describing the incident. While US AJOBS took a straightforward approach, Monster.com understandably tried to soften the blow by reminding users that the company keeps their best interests in mind when conducting business. When it came time to draft a new letter, Monster.com wasted less time in getting to the point. However, there were still some key points missing.
How It Was Handled
After experiencing not one, but two cyber attacks, it is important to be as transparent as possible when communicating with your users. The second letter that Monster.com issued was more direct, expressing that the information was accessed illegally and that the company is not the only target of such attacks. They made no mention of even vague details regarding how the attack happened though, or how they will protect users in the future.
Nextrio is dedicated to protecting businesses and customers. If you would like to learn more about our managed services in Tucson, call our IT company at (520) 519-6301 or visit our website today.
This article is part of our collection of WORLD FAMOUS SECURITY BREACHES!