One week after hackers stole personal information from millions of people who had posted their resumes to the job-searching site Monster.com, the company has warned its users to be vigilant about online fraud because the breach was not an isolated incident.
In an email message sent to users, Monster shared antifraud advice and pledged to improve its security practices through enhanced surveillance of site traffic and tighter access to the website.
Monster disclosed on 23rd August that it had discovered a data breach caused by hackers who posed as employers, then illegally downloaded the names, addresses, phone numbers and email addresses of 1.3 million job seekers. The hackers then sent email to the users in an attempt to collect their passwords to financial sites or to install viruses on their PCs.
Although Monster has already improved certain security measures, users should continue to protect themselves from fraud because the threat has not disappeared, Monster CEO Sal Iannuzzi said Wednesday.
"The company has determined that this was not an isolated incident," Monster said in a press release. "Despite ongoing analysis, the scope of this illegal activity is impossible to pinpoint. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a 'phishing email' that attempts to acquire sensitive financial information."
Monster also posted a web page listing antifraud advice, and asked its users to forward any suspicious email to the company.
"Opportunistic criminals are increasingly using the iternet for illegitimate purposes. This problem spans the web, particularly websites that receive heavy traffic and serve a variety of users across the globe," Monster warns on the site. "If you think you have received an email that may be fraudulent, please contact us immediately."