| Home » Technology & Science » Security |
Monster waited 5 days to disclose loss
Breach resulted in theft of confidential information for 1.3 million users
RSS feeds on msnbc.com |
Add these headlines to your news reader Security  |
BOSTON - Monster.com waited five days to tell users its system had been hacked, in a security breach that resulted in the theft of confidential information for more than a million users, a company executive told Reuters Thursday.
By the time the U.S. job-matching Web site shut down the illegal operation, run from two server computers at a Web-hosting company in Ukraine, the names and confidential contact information of some 1.3 million job seekers had been stolen, Patrick Manzo, vice president of compliance and fraud prevention for Monster Worldwide Inc, said in a phone interview.
Monster first learned of the problem on Aug. 17, when investigators with Internet security company Symantec Corp. told Monster that it was under attack, Manzo said.
"In terms of figuring out what the issue was, that was a relatively quick process," he said. "The other issue is you want to make sure exactly what you are dealing with."
His security team spent the weekend investigating, located the rogue servers, and got the Web-hosting company to shut them down some time either late in the evening on Aug. 20, or early in the morning of Aug. 21, he said.
Monster first told its customers about the data loss on Aug. 22 in a notice posted on its home page, www.monster.com.
It warned them that their contact data might have been stolen and that the thieves had already sent spam to some Monster users asking for personal financial information and trying to get them to download malicious software.
Monster then announced on Thursday that names and contact information of some 1.3 million job seekers had been stolen.
Click for related content |
| Rate this story | Low | High |
MORE FROM SECURITY |
 Security Section Front |
| Add Security headlines to your news reader: |