During the week of August 27th, Monster.com had a major security breach. More than 1.3 million records of resume contact information were found to have been pilfered from both the Monster.com site and the USAJobs.gov site. While this information doesn't include any highly sensitive information such as financial and Social Security numbers, it is still information that can be used for phishing and spam email. During the investigation, Monster found that this wasn't the first time that information had been taken this way from their site.

In response to this breach, Monster.com sent letters out to the victims informing them of the theft of their information. One of my friends was one such user. The letter is filled with corporate speech detailing their regret, as well as the address of a part of the Monster site that covers phishing and ways to avoid being a victim.

Another action Monster took in response to this event was a promise to their users to step up site monitoring and to spend $80 to $100 million in site upgrades. According to a Reuters news article, the site had lost between 200 and 300 job seekers' support. Monster has set up a security center for people to learn more about email phishing and what happened with the security breach.

Besides the impact this had on increased site security spending, the overall consumer effect does not seem to be that steep. Losing 200 to 300 people out of 1.3 million is much less than 1%. As for internet feedback, most blog output on the matter seems to just be rehashing or adding facts about the incident, as well as talking generally about the need in big business for more internet security spending. The consensus seems to be "it's happening again... drat", and then they go back to their normally scheduled program. Security breaches are becoming so common that the public is becoming less fazed by the breaches and just deals with them. Is this an indication of a more tolerant public concerning internet information security? Or is the lack of a large response due to the fact that only basic contact information was stolen?

Interesting in-depth blog about the breach