Monday, January 26, 2009 Announces Security Breach has posted an announcement of a breach:

"We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes."

The news has been picked up in various places, including the Consumerist and TechUrbia, and TechUrbia correctly notes that much like the 2007 compromise, users can likely expected targeted phishing attacks to begin now that accounts with access to resume data have been compromised.

As always, this is a great time to remind your users that password re-use is a bad idea.

No comments: