BBC reported that the US job site Monster.com got attacked and attackers were able to steal hundreds of thousands of user data. Symantec, a popular security firm said that a Trojan was used to access the employers’ section of the website using stolen log-in credentials.
The log-ins were used to harvest user names, e-mail addresses, home addresses and phone numbers, which were uploaded to a remote web server. According to Symantec, this remote server held over 1.6 million entries with personal information belonging to several hundred thousands of candidates, mainly based in the US, who had posted their resumes to the Monster.com website.
Symantec said users should always limit contact information posted to job websites and to use a disposable e-mail address. The security firm also suggested that “never disclose sensitive details such as your social security number, passport or driver’s license numbers, bank account information to prospective employers until you have established they are legitimate”.
This is why I made it my habit to use dummy information on most of the sites that I’m a member of but I know that the Internet newbies will keep making the same mistake of entering correct information while filling out a site membership form.