Washington DC – A Ukrainian hacker group that initially hacked Monster.com has also broken into a well-known government job website. According to the Office of Personnel Management, the hackers extracted an estimated 146,000 names and other private information from usajobs.gov.
USAJOBS.gov is run by Monster.com and hosts almost all of the federal government’s job openings. Job seekers generally upload their resumes and fill out profile sheets that are then available to government recruiters. This information is obviously a treasure trove for both legitimate marketers and scam artists and the Ukrainians allegedly made off with names, mailing addresses, phone numbers and email address of the victims.
The government says Social Security numbers were kept in a separate database and were not comprised, but it probably doesn’t take a genius to dig up a Social Security number if you have all the above information along with a complete resume.
The Ukranians initially attacked Monster.com by gaining access to a recruiter subpage within the job website. After entering the recruiter page, the group siphoned off an estimated 1.3 million user profiles and resumes. The private information was then used to send out financial phishing emails to the victims.