February 4th, 2009
I received this email today that tells me, “…certain contact and account data were taken, including user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.”. Well, this isn’t good. Beyond the USAJobs.gov web site, Monster Worldwide Inc, NYSE:MWW (Monster.com ) also maintains the database for a site near and dear to our hearts, the famous, Military.com.
Thousands of our nations military has signed up for accounts on Military.com in order to utilize their tools and forums. I have not received as of this posting anything from Military.com suggesting my data is at risk but I would think the same technology was used for securing data from all sites concerned.
Attention USAJOBS(r) Users
As is the case with many companies that maintain large databases of information, our technology provider (Monster), often is the target of illegal attempts to access and extract information from its database. We recently learned that the Monster database was illegally accessed and certain contact and account data were taken, including user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes. The accessed information does not include – sensitive data such as social security numbers or personal financial data.
As a further precaution, we want to remind you that an email address could be used to target “phishing” emails. USAJOBS(r) will never send an unsolicited email asking you to confirm your username and password, nor will Monster ask you to download any software, “tool” or “access agreement” in order to use your USAJOBS(r) account.
In order to help assure the security of your information, you may soon be required to change your USAJOBS(r) password upon logging onto the site. Please follow the instructions on the site. We would also recommend you proactively change your password yourself as an added precaution. We regret any inconvenience this may cause you, but feel it is important that you take these preventative measures.
We continue to devote significant resources to ensure USAJOBS(r)
(Monster) has security controls in place to protect our infrastructure and stakeholder’s information. We hope that these efforts are helpful, and continue to allow users to defend themselves against similar attacks.
Mary Volz-Peacock
Program Director
USAJOBS(r)
Read Comments (1)
1 Comment
»
-
A few years back, Military.com sent me some free schwag. I was poking around their website, and found several methods of hijacking accounts, stealing user information, spamming, etc. I contacted them and they put me in touch with one of their security guys, Stoney something or other. They worked very quickly to fix the issues (ever notice you have to log in twice when doing many things?), and were really cool about it. I’m confident they’re not as lax on security as USAJOBS was. Not to mention, they’re probably not that big of a target. Think of the amount of personally identifiable information found on USAJOBS vice the non-essential information we have on our Military.com accounts.
Comment by Jim (1 comments.) — February 5, 2009 @ 5:20 am
RSS feed for comments on this post.
TrackBack URI
