Bank accounts may be hit after Monster.com hacking

By

Usernames and passwords may be the largest concern of the Monster.com data breach.


Usernames and passwords may be the largest concern of the Monster.com data breach.

Jason Hart, ethical hacker and Senior VP at CRYPTOCard, claimed that the fact that the company was hacked did not surprise him, as there is a vulnerability with cloud storage and that ‘people need to take responsibility on the use of cloud services as they use it to store confidential information'.

Hart said: “As an online presence, they are an easy target and getting access to get the data is pretty straightforward. The data that is useful is usernames, passwords and email addresses, and once you have this data saved, this can be used for an attack.

“How many people will use the same user name, email address or password to access their online banking? A lot of banks require just a username and password as a single factor of authentication and if one bank applies that, how many people will be affected?”

Hackers gained access to confidential details provided by approximately 4.5 million people to the online recruitment site, with names, passwords, telephone numbers, email addresses, birth dates, sex and ethnicity data as well as other ‘demographic information' all stolen, the company admitted.

Monster.com said the stolen data did not contain details of CVs or financial information. “We are taking appropriate law enforcement action,” a spokeswoman said.

Hart concluded: “How is the data stored? What can it be used for? The day we remove static passwords is the day that we are all much more secure.”

See original article on scmagazineuk.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?