Monster.com subsequently posted an advisory notice on its website on 22 August to inform customers of the incident.
Researchers at the security vendor detected the Trojan, called Infostealer.Monstres, which accessed over 1.6 million entries of personal information belonging to several hundred thousand people, mainly based in the US, from the online recruitment site.
Monster.com has also revealed that it has shut down the server that was used to store the compromised information. The company traced the fraudulent servers used in the attack back to the Ukraine and they were closed down on Monday.
The hackers stole personal data including names, email addresses, home addresses and telephone numbers, in the assault which were then uploaded to the server.
The online recruitment company also said that it has started to contact all of the users whose personal data was taken during the attack.
Calum Macleod, European director for Cyber-Ark, believes things could get worse for Monster.com, as the hackers could use the personal details to commit identity theft crimes, which could lead to lawsuits against the company.
“By encrypting the details, even if the attackers succeeded in downloading the files, the fact they were protected would render the data unreadable and therefore unusable,” he said.
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
