The personal details of millions of job seekers have been stolen in the largest data theft in Britain, The Times has learnt. Hackers gained access to confidential details provided by 4.5 million people to Monster.co.uk, the online recruitment site.
Names, passwords, telephone numbers, e-mail addresses, birth dates, sex and ethnicity data as well as other “demographic information”, were all stolen, the company admitted yesterday.
It is the most extensive breach of confidential data since HM Revenue and Customs lost the details of 25 million child benefit recipients in 2007.
Monster.com refused to comment on how much information had been taken but The Times understands that the personal details of millions of people can be downloaded in under an hour once a hacker has gained access.
Security analysts told The Times that the plundered data from the recruitment site would be used by organised gangs to open fake bank accounts or take out loans in the names of unsuspecting customers.
About four out of ten people use the same password to access multiple websites, Mr Cluley said, meaning that criminals could use the Monster.co.uk data to obtain far more sensitive information. “These hackers could now use the passwords to access e-mail and online bank accounts.”
It is the third time in two years that security at the world’s largest recruitment site has been breached.
In August 2007 Monster.com’s data-base was infected by a virus called infostealer.monstres, which siphoned off more than 1.6 million records, mostly of customers based in the US.
A Russian gang called Phreak was said to be responsible. It was found to be selling “identity harvesting services” to fraudsters, charging £300 for data.
Yesterday Monster.com said the stolen data did not contain details of CVs or financial information. “We are taking appropriate law enforcement action,” a spokeswoman said.
Read here for more details.
netizens left a footprint.