Financial services jobs site eFinancialCareers has had its database hacked, compromising its users' information.
The attack is thought to have left names, e-mail addresses, registered countries and encrypted passwords exposed. Users should be on the lookout for phishing e-mails purportedly from the site requesting personal information.
In a statement posted by Nick Kalikajaros, James Bennet, MD, eFinancialCareers, says: "Although we constantly review and improve our security features, unfortunately on this occasion, some information was taken, for which we offer our full apology."
In the economy with record unemployment, this was something that I predicted would happen. With so many employment sites popping up or spin-off of larger career sites (careerbuilder, monster, LinkedIn, etc.), it was just a matter of time. These site were
requesting every detail of your life including your work history, passport, SSN, work permit, place of birth, mother's maiden name, driver's license, etc. What better recipes for hackers, all of the information is on one place.
Noticed that eFinancial has not mentioned anything about assisting users whose account were hack any restitution in the way of credit monitoring for the standard three years as is the practice. To the unemployed or recent unemployed this is yet another exploitation
of our situation.
Let us see what if the federal government and Justice Department will take measure to hold career sites and others, requesting information to guarantee reassurance and provide restitution for breach of security. This is the unemployed people version of WikiLeak.
Do people actually provide that sensitive information? I would barely provide a mailing address, certainly not a Passport number or SS number! I would state who I am and what I have and a certain amount of details like past colleges, courses, and years
which is bad enough in itself, but never the detail stuff. That's only relevant to an employer, not a potential employer.
The problem with many online forms is that often you cannot submit without 'something' in those fields and you are stuck - just like accepting all that small print for software - you want it, you accept it and fingers crossed. Your only protection is being
one of a crowd and hoping it won't happen to you.
Competitive base, double OTELondon, UK
© Finextra Research 2015