By Brittany R. Ballenstedt
August 30, 2007
Hackers have stolen the names and contact information of about 146,000
job seekers on the USAJOBS Web site, the Office of Personnel Management
Hackers gained access to subscribers' names, e-mail addresses and
telephone numbers through the resume database maintained by Monster.com,
the technology provider for USAJOBS, OPM said. Monster has told OPM that
no Social Security numbers were compromised.
Access to the data was obtained via a Monster customer's computer using
legitimate employer credentials. About 146,000 of the 2 million
subscribers to the Web site were affected, with hackers likely intending
to use the information to send counterfeit e-mails requesting further
disclosure of information, OPM said.
Monster already has identified and shut down the server that was
accessing and collecting the information. OPM is working with Monster to
implement a long-term remedy to protect data.
OPM asked all USAJOBS subscribers to remain alert for counterfeit
e-mails that may appear from Monster. "USAJOBS will never request
personal information via unsolicited e-mail," OPM said in an alert
posted to USAJOBS. "Monster has also assured us they will never ask any
site users to download any software, tool or access agreement."
OPM is sending letters to subscribers to alert them of possible
counterfeit e-mails. Individuals who receive a suspicious e-mail
regarding a USAJOBS search should forward the e-mail to OPM at mayday
Attend HITBSecConf2007 - Malaysia
Taking place September 3-6 2007 featuring seven tracks of technical
training and a dual-track security conference with keynote speakers
Lance Spitzner and Mikko Hypponen! - Book your seats today!