Alli
08-22-2007, 04:00 PM
By Hiawatha Bray, Globe Staff | August 22, 2007
Thousands of names, phone numbers, and e-mail addresses stored by the Internet job-search site Monster.com have been stolen as part of a complex online fraud scheme.
Symantec Corp., a security company, disclosed the breach over the weekend after one of its researchers found that a server computer in Ukraine held 1.6 million records stolen from Monster, a New York company whose US operations are based in Maynard.
Not every stolen record included personal data, but Dave Cole, director of Symantec's security response team, estimated the thieves obtained names and addresses of hundreds of thousands of people.
Symantec notified Monster of the theft, and the company promised quick action.
"We are investigating the reports," said Patrick W. Manzo, Monster's vice president for compliance and fraud prevention, "and will take all necessary steps to mitigate the issue, including terminating any account used for illegitimate purposes."
The stolen information does not include the most sensitive personal data, such as bank account, credit card, or Social Security numbers.
Resumes posted on Monster do not contain this information, which could easily be used to commit identity fraud.
Instead, it appears the criminals were after the e-mail addresses found on many resumes.
more
(http://www.boston.com/business/technology/articles/2007/08/22/data_thieves_hit_monstercom_site/)
Thousands of names, phone numbers, and e-mail addresses stored by the Internet job-search site Monster.com have been stolen as part of a complex online fraud scheme.
Symantec Corp., a security company, disclosed the breach over the weekend after one of its researchers found that a server computer in Ukraine held 1.6 million records stolen from Monster, a New York company whose US operations are based in Maynard.
Not every stolen record included personal data, but Dave Cole, director of Symantec's security response team, estimated the thieves obtained names and addresses of hundreds of thousands of people.
Symantec notified Monster of the theft, and the company promised quick action.
"We are investigating the reports," said Patrick W. Manzo, Monster's vice president for compliance and fraud prevention, "and will take all necessary steps to mitigate the issue, including terminating any account used for illegitimate purposes."
The stolen information does not include the most sensitive personal data, such as bank account, credit card, or Social Security numbers.
Resumes posted on Monster do not contain this information, which could easily be used to commit identity fraud.
Instead, it appears the criminals were after the e-mail addresses found on many resumes.
more
(http://www.boston.com/business/technology/articles/2007/08/22/data_thieves_hit_monstercom_site/)