Hackers Steal Info from Federal Govt. Job Site

August 31, 2007 (PLANSPONSOR.COM) - Hackers stole information on about 146,000 users of a federal government jobs Web site after an apparently Ukraine-based attack on Monster Worldwide computers.

The theft on the USAjobs.gov site, which has about 2 million users, was part of a hacking operation Monster disclosed last week, Peter Graves, a spokesman for the U.S. Office of Personnel Management (OPM), told Reuters. Monster runs the site on behalf of the government.

The information stolen from the federal database included names, mailing addresses, phone numbers and e-mail addresses. Social Security numbers, which are encrypted in the database, were not compromised, Graves said.

Earlier this week, OPM restricted recruiters from accessing the database until Monster makes sure its system is secure, Graves told Reuters. “We disabled it yesterday as an extra precaution on our part to best protect our users,” Graves said, adding that the government expected to restore access Friday.

The government found out the site had been compromised July 20, when a subscriber submitted what appeared to be a fraudulent e-mail, Graves said. OPM immediately passed the information on to Monster, he said.

A response team from computer security firm Symantec found that the hackers had managed to get unsuspecting PC users to download malicious software onto their computers so that hackers could gain control of their PCs.

From a command and control center relying on a Ukraine-based Web-hosting company, hackers hijacked the compromised computers so they could access Monster’s site using stolen credentials of job recruiters. The malicious software then sent the information to a second server in the Ukraine, which Monster said was shut down on about August 23.

The hackers’ ultimate goal was to launch so-called phishing attacks on the job seekers whose data was taken, according to Monster and Symantec. In such schemes, hackers use the stolen data to persuade their targets to provide financial information or download malicious software.

Pension Funds’ Computer Security Problems

Earlier this month, reports surfaced that two pension funds in California and New York had compromised the personal information of retirees.

The California Public Employees’ Retirement System (CalPERS) security breach happened when pension fund brochures showing part or all of the recipients’ Social Security numbers on the envelope were mailed out to 445,000 retired workers. Also, a laptop computer with the financial information of as many as 280,000 New York City retirees disappeared from a restaurant (See CalPERS Says Computer Error Compromised Retirees’ Social Security Numbers).