Monster.com is one of the world’s largest employment websites, and also one of the most popular job-searching sites in the United States. During August of 2007, Monster.com suffered a major data breach, during which hackers stole millions of users’ resume data from the site. In the years since information about this breach was originally released, several other aspects of the site’s IT solutions and practices have come under fire as well.
The Data Breach
On August 17, 2007, Monster.com’s managers learned that data on their website had been compromised using stolen credentials. These credentials had been obtained by hackers that had infected several personal computers with malware and, using stolen information, then broke into Monster.com’s database and obtained information about approximately 1.3 users. The stolen user information consisted primarily of contact information such as names, email addresses, telephone numbers, and physical addresses. Monster.com’s security team had the offending servers shut down within three to four days of the initial breach; however, the stolen information allowed hackers and scammers to send fraudulent emails to Monster.com users, providing links or program downloads to infect computer equipment with malware.
Despite the fact that Monster.com learned of the breach on August 17, no notification to the site’s users was provided until August 22—five days after the breach. While Monster.com claimed that this delay was based on the importance of first identifying and eliminating the threat, this allowed hackers to cause serious trouble in the interim. The lack of communication between Monster.com and its users gave added credulity to fraudulent emails, which caused users to subsequently lose confidence in Monster.com’s ability to protect their personal information after they were notified of the incident.
Since the original 2007 breach, Monster.com has suffered several other online attacks and the company has come under fire for poorly-updated IT security measures. Nextrio can help you protect your business from such attacks—please call (520) 519-6301 or visit our website to find out more about our managed IT services in Tucson.
This article is part of our collection of WORLD FAMOUS SECURITY BREACHES!