• BBC News, Tuesday, August 21, 2007 11 AM

Job site Monster.com suffered a massive attack yesterday, as hackers deployed a Trojan to access the employers' section of the site using stolen log-in information. Security firm Symantec said the program was used to gather names, email addresses, home addresses and phone numbers, and could be used to send phishing and spam emails. The security firm said: "This remote server held over 1.6 million entries with personal information belonging to several hundred thousands candidates, mainly based in the U.S., who had posted their resumes to the Monster.com Web site."

Monster has since been alerted of the security breach. However, Patrick W. Manzo, who oversees fraud prevention at Monster, said that hackers had not breached Monster's security; rather, they used legitimate customer credentials to log into the database. "We are not aware of any cases of identity theft," he added.

Web security firm Sophos says that more than 8,000 new Trojans are found each month. According to Ars Technica, "data breaches at universities, government agencies and corporations have become so common that only the most egregious even make the news anymore." How common? The Privacy Rights Clearinghouse now says that 159,105,898 records have been leaked since 2005.

Read the whole story at BBC News »