The Tech Herald

Ireland resume website breached – authorities still not notified

by Steve Ragan - Apr 1 2008, 20:45

Jobs.ie was stripped of an unknown number of CVs. Authorties are being contact later the company said.

In another example of data loss because of compromised security, Jobs.ie has announced that resumes (CVs) were downloaded in bulk because of an illegally obtained employer account. Simply put, the attackers stole the username and password of an account with employee rights, and downloaded resumes from there.

“Dear Jobs.ie Customers, This notice is to bring to your attention a security breach that took place on the Jobs.ie website on Thursday evening,” starts the apology letter posted to the website by Huw Taylor. “I would like to extend my sincerest apologies to all our Customers who have been affected by this and assure you that we are taking every measure to insure that this won't happen again. A dedicated 24 hour customer helpline has been set up to deal with any further questions or concerns you may have.”

The Ireland based site is worried that applicants will fall victim to Phishing scams that are the result of the lost information. They are concerned that applicants will get snared by responding to job offers based on information that was submitted. "All of the people affected have been contacted and informed of the situation. We have urged them to exercise extra vigilance with inbound e-mails in the coming weeks to ensure online security," a spokeswoman said.

Jobs.ie would not give exact details on how the criminals obtained the access information (likely Phishing or Malware) or the exact number of resumes downloaded. Oddly, the website said that they have contacted the Data Protection Commissioner, but not the authorities. They said that they would contact authorities after they determine the exact location of the IP address where the attack originated. (Thanks to spoofing however, it is seriously unlikely they will get proper information.)

In the meantime, in an email sent to affected site members, the company urged them not to give any personal information until it had been established the contact was legitimate. In addition, they asked users not to give out personal banking information, not to share passwords with anyone, and not to open e-mail attachments if the client was suspicious, especially .exe files.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Chevrolet shows off the 2015 Colorado with digital experience

Chevrolet has launched a new website to show buyers all the bells and whistles available on ...

Mazda to debut CX-3 and MX-5 at Los Angeles Auto Show

Mazda has announced plans to premiere the new Mazda CX 3, its new compact crossover SUV, at ...

Ford issues safety recall for 204,448 Ford Edge and Lincoln MKX

Ford has issued a safety recall for 204,448 of the 2007-2008 Ford Edge and Lincoln MKX in No...

Mopar Previews SEMA Custom Rides

We have added a set of pictures released by Mopar ahead of the SEMA Show. Mopar are bri...

Audi R8 Competition – The Most Powerful Production Audi Ever

Audi has revealed details of their new super-fast Audi R8 Competititon β€” the most powerful a...