Quote:
Originally Posted by HarryT
That's exactly what MP say - there was no financial info on the server on which the attempted hack was made; just account info.
|
Yes, they said this after having gone offline for a long time. They couldn't have known this the first time they discovered a hacker was working on them.
Regarding "just account info"... look at
what happened to Monster.com not so long ago:
Quote:
|
Monster.com waited five days to tell its users about a security breach that resulted in the theft of confidential information from some 1.3 million job seekers, a company executive told Reuters on Thursday.
|
Quote:
|
Manzo [of Monster.com] said that based on Monster's review, the information stolen was limited to names, addresses, phone numbers and email addresses, and no other details including bank account numbers were uploaded.
|
Just account info, but then:
Quote:
On August 21, Symantec published a report on its Web site that said it had found copies of scam e-mails that the engineers of the attack were using, with the aim of getting information that was more valuable than just the names and contact details of Monster.com users.
Pretending to be sent through Monster.com from job recruiters, the e-mails asked recipients to provide personal financial data, including bank account numbers. They also asked users to click on links that could infect their PCs with malicious software.
Their ultimate goal in taking the data from Monster.com was to gain enough personal information to lower the guards of target victims when they read the e-mails, said Patrick Martin, a senior product manager with Symantec's response team in Austin, Texas, which first identified the attack.
|