

Monster.com Reports Theft of User Data - rogercosseboom
http://help.monster.com/besafe/jobseeker/index.asp

======
tlrobinson
This sounds familiar... oh right, because it happened in 2007 too.

------
tedshroyer
"In order to help assure the security of your information, you may soon be
required to change your password upon logging onto the site."

I wonder how Monster is going to verify that the person logging in and
changing the password is actually the user who owned the account and not the
thief.

I guess they could hope that the user's email hasn't been compromised and go
through an email verification to change the password.

------
aristus
Ouch. It's actually not surprising how many companies store plaintext
passwords. It's a dirty little secret.

Crucial details missing: how many (all?) users affected? When did the breach
occur and how long did it take them to notice? How did they notice? What is
this crap about "continually monitoring" the internet when they can't even
secure their own servers?

~~~
tdavis
I guess I am easily surprised; each case of "omg our plaintext passwords were
stolen" completely baffles me.

------
peterbraden
Wow, they stole my resume, I guess I'm now at risk of more work?

------
echair
So they stored passwords. Kind of surprising.

------
geuis
We got the company-wide email this morning. More or less the same content as
the linked site. There's more to the story but I can't say because I work
there.

