Personal info on 150,000 job seekers at USAJobs stolen
Nearly 150,000 identities belonging to users of USAJobs stolen in Monster attack
Computerworld - The identity thieves who ransacked Monster.com's database also made off with the personal information of 146,000 people who use USAJobs, the federal government's official job search site, federal officials said today.
Monster Worldwide Inc. operates the USAJobs.gov Web site for the Office of Personnel Management (OPM), the independent agency that manages the federal civil service. Like Monster's commercial sites, USAJobs lets job seekers post resumes and federal agencies post job openings.
Of the 2 million subscribers to the federal job site, about 146,000 were affected by the heist engineered by Infostealer.Monstres, a Trojan horse that used legitimate log-on credentials stolen from recruiters to sift through the Monster database. According to Monster executives, the Trojan absconded with the names, addresses, e-mail addresses and phone numbers of some 1.3 million people. Although their records were stored in the Monster databases, some of those people were USAJobs users. No Social Security numbers were stolen, the OPM stressed in an alert posted to USAJobs.
"OPM is working with Monster Worldwide to implement a long-term remedy to protect data," said the agency, which is sending letters to all subscribers warning them of phishing attacks that may use the purloined information. "Be on the alert for fraudulent e-mail that advertises positions managing financial transactions, or cashing checks," the agency's alert said. "These e-mails are attempting to engage job seekers in a money laundering or bad check scam."
The Infostealer.Monstres Trojan has the ability to spew spam to the e-mail addresses it harvested by cranking out targeted phishing messages that spread other malicious software or recruit "money mules" -- middlemen who transfer money from a phished bank account to a foreign bank account.
Although the OPM was unavailable for comment Thursday night, earlier in the day, an agency spokesman told the Reuters news service that the government got its first hint of the theft on July 20, when a job seeker reported receiving a phishing message. Although Symantec Corp. researchers notified Monster on Aug. 17 of an apparent data breach, other security researchers had reported individually targeted phishing messages bearing the Monster brand as far back as July 5. Yesterday, Monster's CEO admitted that the mid-month theft was not the first time the company's data had been attacked.
Monster Worldwide operates numerous other online job search services and job-hunting sections of sites owned by others. Among the latter, it services the career center for armed service members' spouses on Military.com; runs co-branded search services with several newspapers, including the Philadelphia Inquirer; and powers the job search features of federal, state and local governments, including the Los Angeles Police Department. It's not known whether any additional sites operated by Monster Worldwide were affected by the Infostealer.Monstres data looting.
Monster was not available for comment Thursday night.