24 October 2009
Security breach - Guardian Jobs
Dear Firuze French,
We learned yesterday evening that the Guardian Jobs website has been targeted by a sophisticated and deliberate hack, which has breached the security of the data on the site. You have used the site to make one or more job applications and we believe your personal data, relating to those applications, may have been accessed.
We are absolutely committed to the privacy of our users, and would like to assure you that we are treating this situation with the utmost seriousness. The matter has been reported to the police, who are now undertaking a full investigation through the police central e-crime unit at New Scotland Yard.
The supplier who runs the site has identified the manner in which it was hacked and taken steps to prevent a recurrence.
We have no reason to believe that any financial or bank data was compromised in this incident. However the police advise that those whose personal data may have been stolen in this way should take a number of precautionary measures. These are outlined below:
1) Contact your creditors, even if they have not been affected, so that they can monitor your accounts to ensure they remain protected.
2) Contact a credit reference agency: Callcredit, Equifax or Experian provide suggested steps to resolve the situation and prevent it happening again.
3) Contact CIFAS protective registration: If you think you have been a victim of identity theft you should consider subscribing to CIFAS. This places a notice on your credit file indicating that your name and address may be used to perpetrate identity fraud.
In addition the following websites are sources of useful information:
We will continue to work with the police whilst the investigation is carried out. Please refer to the following page for updates:
Please do not reply to this e-mail.
Half a million user accounts are affected in a web attack on the Guardian Jobs site this weekend.
In a statement on its site and in an email to all Guardian Jobs account holders, the site says the hack has been reported to the Police's central e-crime unit.
The e-version of the newspaper hasn't lost any bank or financial details according to the Guardian.
In the statement, the company says this is a "deliberate and sophisticated crime and... only a minority of Guardian users are at risk."
The Police are keeping information on the online theft to a minimum for the sake of investigations.
So you don't really think that having a job site hacked will be a big deal. I mean, there's hardly enough information on there to steal your identity... is there? Hackers are becoming more and more able to steal information from you just from finding out little things. Keeping one password the same for example, we all do it, but it's probably the biggest mistake we could ever make. Why is it that whether online or in real life, nothing is really safe? Why don't they hire these hackers to actually create computer programs to prevent hackers? Oh yeah, they'd get less money than if they stole £3,000 from an account each day. What ever happened to an honest lifestyle?
Technology is rapidly evolving, and with it, supposedly, our ease of life. But doesn't having to put all your details online even more of a risk? You can find out pretty much anything on the internet these days, and how secure are those "secure" webpages when we enter our credit card information?
I'm waiting for an iPhone application that will let you hack into celebrity twitter accounts or find out their email contacts.