Monster upgrades its security following data breach

By

Monster.com is beefing up security measures in light of the recent data theft that exposed the personal information of at least 1.3 million users to hackers.

Monster upgrades its security following data breach
In an interview Wednesday with news agency Reuters, Sal Iannuzzi, chairman and chief executive officer of the popular job recruitment website said the company plans to upgrade traffic monitoring solutions, boost its security staff and further educate end-users.

Monster will pull funds from an expected US$80 to US$100 million technology investment it announced last month, he said.

Joel Rosen, CEO of data security firm Tizor, said Monster is taking the right technology approach.

"History has shown there's no way to make perimeters hacker-proof," he told SCMagazine.com. "It's about how the data is being used. You need to watch the way the data is being used. It's fundamentally about visibility."

Since the compromise – in which hackers used stolen login credentials to gain access to the site and then spread a trojan to capture names, email addresses and telephone numbers of job seekers – about 200 to 300 seekers and a "handful" of employers have canceled their accounts, Iannuzzi said.

The hackers used the stolen information to deliver spear phishing emails to job seekers, claiming to come from Monster. The emails either requested financial details or recruited recipients to join scams.

Security experts have told SCMagazine.com that these multi-stage attacks could become more common in the future.

Meanwhile, in a letter to customers posted on the site, Iannuzzi said this may not be the first time Monster’s database has been targeted by criminals.

"As is the case with many companies that maintain large databases of information, Monster is from time to time subject to attempts to illegally extract information from its database," he said.

The remote server hosting the stolen records in this case has been taken offline.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?