Monster Worldwide is notifying all job seekers with an active resume on Monster sites about preventative measures they can take to protect themselves from online fraud.
Additionally, Monster will institute a set of new systems and processes designed to enhance existing security and minimize such threats in the future.
Monster became aware of illegal activity that involved the downloading of information such as names, addresses, phone numbers, and email addresses for 1.3 million job seekers with resumes posted on Monster.com. Monster does not generally collect social security numbers or financial data about its job seekers, such as bank account information or credit card accounts. Monster responded by conducting a review of internal processes and procedures, and notified these job seekers that their contact records had been downloaded illegally. In addition, Monster is working with law enforcement officials and the appropriate regulatory agencies.
The company has determined that this was not an isolated incident. Despite ongoing analysis, the scope of this illegal activity is impossible to pinpoint. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a "phishing" email that attempts to acquire sensitive financial information. This has been the case in similar attacks on other Web sites.
To enhance the security of the job seekers on its site, Monster says the company is reaching out to all users who have resumes posted to inform them about preventative measures they can take to protect themselves from online fraud. Monster believes that by reaching out to users, the company can help users better defend themselves against those who have attacked Monster as well as other databases.
"Protecting the job seekers who use our Web site is a top priority at Monster," says Sal Iannuzzi, chairman and CEO of Monster Worldwide. "These issues are increasingly prevalent throughout the Internet, which is why Monster is enhancing its security and reaching out to everyone with an active resume on our site. We believe these actions are the responsible steps to protect our valued job seekers and customers."
Monster also launched a series of initiatives it is taking to enhance security controls for its Web site. These initiatives are part of the infrastructure improvements that were announced by Monster before the recently reported attack. The initiatives include:
- Implementing new robust capabilities for worldwide monitoring and surveillance of site traffic
- Reviewing and tightening all site access policies and controls
- Launching a series of targeted initiatives to protect job seeker contact information
In addition, the company has augmented its Web Site Security Task Force by adding executive level staff, and going forward the task force will report directly to the chairman and CEO. The company has also engaged several industry security experts with proven track records of successfully working with global Internet companies to protect their users.
Monster has placed a security alert on the Monster.com site that offers information to educate users about online fraud and the measures they can take to protect themselves. This information can be found at http://help.monster.com/besafe/.
Bookmark with:
- Digg
- Reddit
- Del.icio.us
- Facebook
- Newsvine
Sign Up to Exec UK now for FREE!