Why hacking a job site?
Job sites collect CVs that contain tons of personal data. When you ring your bank, or a credit card company, they will at some stage ask you for your address. They might ask you for your email address as well. Your landline or your mobile number. All that plus tons of the personal data in contained within the CV. That makes a CV database a perfect tool used for phishing attempts. Note that a person looking for a job is not in the best moments of his life, and hence vulnerable. Receiving a call from someone pretending he is a recruiter who just received a really good CV, when you do not have a job, people will answer all kind of questions that enable scammers to gather even more data that is on the original CV submitted.
Jobs sites get hacked often
In fact, job sites are one of the top types of the web sites that are likely to get hacked. The worst part is that job sites do not get hacked ‘for fun’, for some hacker or a hacking team to showcase their hacking skills, and replace the Home Page with some funny (or not so funny!) message, but for a very ‘commercial’ reason. Job sites never end up showing a hackers message instead of the Home Page, but instead only the data – the CV’s are stolen while the site itself keeps attracting the fresh candidates applications with their fresh CV’s. You can look at MyJobs.ie even right now – it does not say anything on the home page about being hacked at all!
Irish Times has an article today with an interesting question raised in their article of the MyJob.ie being hacked:
“The attackers have already been arrested and a file sent to the DPP. If this is the case, when did the breach originally occur and why did it take so long to notify those impacted?”
5 replies on “MyJob.ie Hacked!”
You quote “why did it take so long to notify those impacted”, how long did it take? I’ve been told the notices were sent within a day or two, the attack was detected immediately.
@Dave – I have absolutely no clue how long did it take. The quote is from the Irish Times article liked above in the post. I have no affiliation with MyJobs.ie and do not know much about that site TBH. It is just sad that things like this happen in times where both job seekers and recruiters are having such a tough time (years!).
I got no notification from jobs.ie but my husband received dodgy emails from two old email addresses in my maiden name today, both had been used over 6 years ago to register cvs, apply for jobs etc through jobs.ie.
OOPPS! Note that the news report states the MyJob.ie was hacked now Jobs.ie – Those are two different sites. Could you have been registered on MyJob.ie, or is it an early site that Jobs.ie potentially has a problem as well?
Oh sorry, I don’t think I was ever registered with MyJob.ie, like I said these were 6-7+ years ago, was it around then? So could be Jobs.ie or you mentioned Monster.ie? They and Recruit Ireland are only ones I remember registered + uploading CVs with. Both emails (one yahoo and one hotmail) had different passwords and are unused other than occasionally checked for years. Very odd they’d both start sending out spam on same day.