As part of the recent Monster security breach, the alleged hackers apparently were able to infiltrate approximately 146,000 names and other private information from federal jobs website USAJOBS.gov.
Monster.com, the technology provider for USAJOBS.gov, informed the Office of Personnel Management that 146,000 subscribers to USAJOBS.gov — out of two million subscribers — were affected in this incident.
Although Monster says this accounts for less than 8% of job seekers, the federal office posted a notice on USAJOBS.gov and is sending warning letters to all subscribers to alert them of counterfeit “phishing” emails. (The agency is also asking anyone who receives suspicious emails to report it immediately to Mayday@fedjobs.gov.)
In the data breach, “phishing emailers” gained access to a recruiter subpage within Monster.com and stole sensitive contact information such as names, email addresses, and telephone numbers from job seekers who had uploaded their profiles and resumes.
The hackers sought data such as Social Security or bank account numbers by sending emails to targeted populations in the hopes they would disclose personal information. The emails also asked users to click on links loaded with infectious software viruses.
However, the Office of Personnel Management says no Social Security numbers were compromised because the numbers were kept in a separate database.
Despite this reassurance, the government temporarily restricted recruiters from accessing the database until Monster completes its security sweep of all databases and systems.
An Office of Personnel Management spokesman said it was disabled “as an extra precaution on our part to best protect our users,” but that the government would restore access by Friday.