The site, which aims to add 350 new users every day and mail a newsletter to 170,000 registered candidates, said that some customers have received spam that tried to recruit mules to transfer funds in the name of swindlers, said Sophos. The breach came to light late on Tuesday and brought the site to be taken for about seven hours.
"Obviously, it's a horrible situation RecruitIreland web site and its users were vulnerable to protect" the message of Sophos' Blog Naked Security said. "Unanswered questions asked for sensitive information was not considered properly (it was the encryption is used?), And how it was possible for hackers to steal valuable information."
The company said only that the cause of the violation - probably an "error code" - had been identified and that the "particular problem has been solved." Brian Honan of BH Consulting has worked with the company for the verification site.
This is not the first time that fraudsters have turned to a recruitment site for jobs. In January 2009, Monster.com has lost a large amount of personal data of millions of job seekers from its database was accessed illegally. It was the third serious attack on the site in 18 months. And last year, The Guardian warned 500,000 customers that hackers may have seized the private information held on the site after a "sophisticated and deliberate" attack.
RecruitIreland informed the Data Protection Commissioner and the Gardai of the violation. reporting is limited to user names, name and email, the company said. ®
