Guardian Jobs website hacked, personal data at risk

Filed Under: Data loss

In news that will send a shiver down the spines of many job seekers, it has been revealed that the UK version of the Guardian Jobs website has been broken into by hackers.

The site, which is described as one of the top five job websites in the UK, with some two million users a month, would be a rich data mine for identity thieves who would be rubbing their hands in glee at the prospect of getting their hands on confidential information from innocent people's CVs and job applications.

Details of how the hack was committed have not been revealed, but warning emails sent to people who have used the jobs.guardian.co.uk site to make job applications described the attack as "sophisticated and deliberate".

The warning posted by the Guardian Jobs website

Magdex, who runs the site on behalf of The Guardian, is said to have taken steps to prevent any more data leaking into the hands of hackers. It's also good to hear that the folks behind the Guardian Jobs website have done the right thing and informed the Metropolitan Police about the incident - but it remains to be seen if the authorities have any luck discovering who might be behind this attack.

If you are a user of the Guardian Jobs UK website I would recommend keeping a close eye on this webpage, where they are providing updates on the situation. At the moment the information is scant, but hopefully they will update it will further advice for those who may be affected.

The Guardian Jobs website doesn't say that login passwords may also have been compromised, but if I were a user of the site I certainly wouldn't hesitate to change my password just in case. Make sure, of course, that you choose a sensible hard-to-guess password and don't use the same password on any other site.

Of course, this isn't the first time that online recruitment websites have suffered at the hands of cybercriminals. Earlier this year I revealed how the databases of Monster.com and USAJobs.gov were compromised, and contact and account information was stolen.

The US version of the Guardian Jobs website, guardianjobs.com, is said not to be affected and is run independently of the UK operation.

, ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.