Tonight I got an email from the online recruit arm of Bond Personnel, MyJob.ie, to inform me they recently suffered a security breach and were sending me a precautionary email to change my password. While there are no details as to what information the attackers accessed or how they manage to breach MyJob.ie’s security, there are two interesting points to note;
The other question that is of interest is what is MyJob.ie’s data retention policy for holding client data? I have not used that website for well over 10 years, so my data would be well out of date and no longer useful. Indeed in the Data Protection Commissioner’s report for 2008 he mentions a security breach at jobs.ie and highlights they had retained personal data of clients for “an unnecessarily long period of time”.
If you have been impacted by this breach I recommend that you
The text of the email is below;
I am writing to bring your attention to a recent security breach on the server hosting Myjob.ie. The breach was quickly identified, and the Gardai have apprehended two individuals who are now the subject of a file being compiled for the Director of Public Prosecutions. Although Myjob.ie was not the primary source of the breach, as a precautionary measure we would ask all users to immediately change their password. Furthermore we would ask you to observe best practice in choosing all internet passwords and do not use the same password for more than one internet service. If you do use the same password for multiple services we would strongly urge you to rectify this immediately by logging into those systems and choosing a new password. Also, please note that reputable companies do not request personal details by email, if a company contacts you do not give any personal information until you have established they are legitimate.
Please accept our apologies for any inconvenience or distress caused by this precautionary email. Should you wish to contact us please send an email to [email protected]