"Monster Worldwide Inc is continuing to actively investigate and take measures to address the impact of the malicious software, called Infostealer.Monstres, on the company's resume database. Monster has identified and shut down a rogue server that was accessing seeker contact information through unauthorized use of compromised legitimate employer-client log-in credentials.
"The information contained on this server was limited to names, addresses, phone numbers and email addresses. The company is currently analyzing the number of job seeker contacts impacted by this action and will be communicating with those affected as appropriate. Monster is in the process of reaching out to its entire employer population to mitigate any ongoing issues. In addition, Monster is placing a security alert on the Monster.com site. This information is located on its Security Center and is designed to let visitors know to be vigilant about any phishing email that appears to be from Monster."
The announcement follows revelations earlier this week that individual computers infected with Infostealer.Monstres trojan virus were programmed to use pilfered recruiter credentials to pull a broad range of information relating to job candidates and feed them to a server in Eastern Europe. Because the queries were coming from many different internet protocol addresses, rather than a single machine, the fraudulent requests were probably more difficult for Monster to detect.
