Lots of conversation on boards.ie claiming that a number of CVs have been illegally downloaded from the Jobs.ie website. No details of what happened have appeared yet but the below is supposed to be an email from Huw Taylor the General Manager of Jobs.ie to affected users.
I am writing to bring your attention to a security breach on Jobs.ie which occurred yesterday evening. Although this breach was identified and stopped quickly, a small number of CVs were illegally downloaded. Unfortunately your CV was one of the records taken. I understand and apologise for the concern this will cause you and I want to assure you that we are taking steps to prevent this happening again.In the meantime I urge you to exercise extra caution while conducting online activity.
To help you avoid risk, please follow these key online safety tips:
- Reputable companies do not request personal details by email, if a company contacts you do not give any personal information until you have established they are legitimate
- Never give out personal banking information
- Do not share your passwords with anyone
- Do not open email attachments if you are suspicious, especially .exe files.
A dedicated 24 hour customer helpline has been set up to deal with any further questions or concerns you may have. Please call +353 (0)1 680 8699 or email [email protected]Again, please accept our apologies for any inconvenience or distress caused.Yours sincerely,
This is not the first time an online recruitment site has been the victim of an attack, Monster.com suffered a major breach last summer. So before you upload your CV or any personal details to an online recruitment site make sure that you provide the minimum information required and delete those details once you no longer need the services of the site.
This is not the first time an online recruitment site has been the victim of an attack, Monster.com suffered a major breach last summer. So before you upload your CV or any personal details to an online recruitment site make sure that you provide the minimum information required and delete those details once you no longer need the services of the site.It will be interesting to see what other details come to light over the coming days. If you have any additional information please feel free to share it via the comments feature.
Jobs.ie have posted the above note onto their website which confirms the breach did occur. If you look at that notice you will see that the breach occured on Thursday evening. Given the time that would be taken to detect the breach, determine the amount of damage done and get people in place to respond to the breach, Jobs.ie should be commended for getting their notifications out within 24 hours of the incident happening.
Also as we have discussed on this Blog before that there are no mandatory breach disclosure laws in Ireland, so again Jobs.ie should be commended for coming clean about the incident.
If you are one of the affected individuals of this breach I appreciate it is not a nice experience to have happened, however at least Jobs.ie have notified you of the problem so that you can take steps to protect yourself against identity theft. Both the makeITsecure and Garda websites offer advise on how to protect against identity theft.
Additional coverage on SiliconRepublic.com, The Irish Times and RTE.