The fallout from the data breach at Monster.com is growing wider, as the company has confirmed that the companys databases have been targeted by hackers before.
Monster copped to a large security breach Aug. 22, but is now admitting that the data leakage has been going on for longer and could involve more customers than originally announced.
That admission came Aug. 29, and Monster highlighted a number of steps it is taking to improve security and educate the job seekers on its site.
Company officials pledged to improve the worldwide monitoring and surveillance of its site traffic, review and tighten all site access policies and controls, and launch a series of targeted initiatives to protect job seeker contact information.
The company has also posted advice to customers about avoiding phishing scams, with examples of fraudulent e-mails claiming to originate with Monster.com.
In addition, the company, based in Maynard, Mass., has expanded its Web Site Security Task Force to include executive-level staff; the task force will now report directly to the companys chairman and CEO, Sal Iannuzzi.
Click here to read more about Monsters containment of the data breach.
“Protecting the job seekers who use our Web site is a top priority at Monster,” Iannuzzi said in a statement. “We believe these actions are the responsible steps to protect our valued job seekers and customers.”
But company officials noted that the theft of confidential information was not an isolated incident and said the scope of illegal activity was impossible to pinpoint.
Symantec notified Monster on Aug. 17 that a hacker-controlled server contained personal data including e-mail and home addresses and resume identification numbers for more than 1 million Monster customers.
The data had been stolen using legitimate log-on credentials stolen from recruiters and human resource personnel with corporate Monster.com accounts.
In total, Monster said the week of Aug. 20 that data from 1.3 million customers had been stolen. Monster shut down the rogue server, which was being used to spam the users whose data was stolen. The server was also being used to steal financial and other information from unsuspecting customers.
This kind of rolling disclosure is likely to become widespread, according to Prat Moghe, chief technology officer and founder of Tizor, a data auditing software firm also based in Maynard.
“We will continue to see this pattern, where a breach is announced and then days, even months later it comes to light that the scope of the breach was much larger than first thought.”
Moghe said thieves can exploit the fact that most enterprises dont have real-time visibility into what is happening with data once credentialed users access it. “Without visibility into the data core, the escalation of damage is inevitable,” he said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.