One week after hackers stole personal information from millions of people who had posted their resumes to the job-searching site Monster.com, the company has warned its users to be vigilant about online fraud because the breach was not an isolated incident.
In an e-mail message sent to users, Monster shared antifraud advice and pledged to improve its security practices through enhanced surveillance of site traffic and tighter access to the Web site.
Monster disclosed on Aug. 23 that it had discovered a data breach caused by hackers who posed as employers, then illegally downloaded the names, addresses, phone numbers and e-mail addresses of 1.3 million job-seekers. The hackers then sent e-mail to the users in an attempt to collect their passwords to financial sites or to install viruses on their PCs.
Although Monster has already improved certain security measures, users should continue to protect themselves from fraud because the threat has not disappeared, Monster CEO Sal Iannuzzi said Wednesday.
"The company has determined that this was not an isolated incident," Monster said in a press release. "Despite ongoing analysis, the scope of this illegal activity is impossible to pinpoint. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a 'phishing e-mail' that attempts to acquire sensitive financial information."
Monster also posted a Web page listing antifraud advice, and asked its users to forward any suspicious e-mail to the company.
"Opportunistic criminals are increasingly using the Internet for illegitimate purposes. This problem spans the Web, particularly Websites that receive heavy traffic and serve a variety of users across the globe," Monster warns on the site. "If you think you have received an e-mail that may be fraudulent, please contact us immediately."