Monster job-seeker database compromised
Millions could be at risk after breach
Hackers have stolen millions of job seekers' personal details from Monster.co.uk and USAJobs.gov. Both the sites have recently published security alerts confirming a serious database breach.
In what has already been described as one of the most serious cases of data theft ever, 4.5 million UK users (according to The Times), not to mention the millions of users of USA Jobs – the official job site for the US Federal Government – may find their private details are no longer very private.
Alert
Part of Monster's alert states: "We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.
"The information accessed does not include resumes. Monster does not generally collect – and the accessed information does not include - sensitive data such as social security numbers or personal financial data.
"Immediately upon learning about this, Monster initiated an investigation and took corrective steps. It is important to know the company continually monitors for any illicit use of information in our database, and so far, we have not detected the misuse of this information.
Change password
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
"In order to help assure the security of your information, you may soon be required to change your password upon logging onto the site. Please follow the instructions on the site.
"We would also recommend you proactively change your password yourself as an added precaution. We regret any inconvenience this may cause you, but feel it is important that you take these preventative measures."
For anyone worried by this news, the first thing you should do is change your Monster.co.uk password and then change passwords for the other site that you happen to use that password for (webmail/banking etc).
And, if you hadn't already come to this conclusion, it really would be better to use different passwords for different sites.
Finally, Graham Cluley reminded TechRadar that the last time Monster was linked with a security breach it was over people sending out phishing emails. So triple check anything that purports to come from Monster (or anywhere else for that matter) and contains information that could have come from the breached database.
Patrick Goss is the ex-Editor in Chief of TechRadar. Patrick was a passionate and experienced journalist, and he has been lucky enough to work on some of the finest online properties on the planet, building audiences everywhere and establishing himself at the forefront of digital content. After a long stint as the boss at TechRadar, Patrick has now moved on to a role with Apple, where he is the Managing Editor for the App Store in the UK.