On 23rd January 2009 it was reported that the well known jobsite, Monster had been hacked into, compromising millions of records. Initially the reports focused on the access to US customers/applicants details.
However it was quickly revelaed that this was a global issue, with details of customers from the UK and around the world. Once again, like so many other hacks of websites, this poses questions. How are the details secured within the system? Is the security just to stop the outside person getting in? If so that’s a failing because people should always get in, is encryption and internal security used on their servers and databases? In this case it also begs the questions of data protection breaches. Was data from the UK moved to the US and did the clients giver permission for this?
This is not the first time that Monster has been hit, just under 1.5 year ago, it was hacker and millions of records were stolen. On that occasion it was “mainly US” customers, and the servers were in Ukraine.
Due to the size of this hack, around 4.5 million records, there have already been calls to address some of the questions highlighted above through additional legislation