User data stolen from job site Monster

Database containing information such as passwords, e-mails, and phone numbers illegally accessed. Stolen data doesn't include resumes or Social Security numbers, says Monster.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Jan. 26, 2009 11:22 a.m. PT

User information, including passwords, has been stolen from job site Monster, the company has announced.

Monster's database of user account information--which includes user IDs, passwords, e-mail addresses, names, phone numbers, and some demographic data--was illegally accessed and information was taken, the company said on Friday.

The information that was stolen did not include resumes or sensitive information like Social Security numbers and financial data. But someone could use the data that was breached to contact Monster users and use social engineering to trick them out of their information.

Monster is urging its users to visit the site and change their password. As a matter of policy, Monster does not send unsolicited e-mail asking users to confirm usernames and passwords or to download anything.

Job sites are a likely target during an economic downturn, security firm AppRiver said in a recent report on spam and other Internet security threats.

More information on security tips is available on the Monster security Web page.