Monster.com | Consumer Alert | Job search privacy — According to the job site Monster.com, its users’ IDs and passwords, email addresses, names, phone numbers, and some “basic demographic data” were compromised in a data breach. Monster notified victims of the security breach through its web site on Friday, January 23, 2009. It is unclear how many people this notice impacts, as Monster.com did not give an estimate. In press reports, however, Monster has admitted that the breach is global, with Asia Pacific and Eastern Europe being spared. Job seekers’ information can be used like a road map for criminal ventures, including identity theft, phishing and spamming. User passwords, which Monster.com says were compromised in this breach, are especially valuable as they can potentially be used to access other sites or email accounts, especially if a person regularly uses the same passwords. The World Privacy Forum has published a consumer alert about this data breach with tips for victims. This data breach also impacts USAjobs.com, the government job search site affiliated wiith Monster.com.
Consumer advisory | PHRs and privacy — The World Privacy Forum has issued a consumer advisory about the privacy of PHRs to help consumers understand and approach the complex privacy issues PHRs can raise. Consumers need to know that not all PHRs protect privacy in the same way, and some PHR systems can undermine consumer privacy in serious ways that consumers may not be expecting.
Opt-out | Financial privacy — The World Privacy Forum has updated its popular Top Ten Opt Out list to reflect several new change made to the Direct Marketing Association opt outs. In the past, some of the DMA opt-outs, like the Direct Marketing Association’s mailing preference lists, used to cost $1. That fee has now been removed for people opting out online. Please see item #3 on the Opt Out list for the complete update.
Consumer alert update — Monster.com posted a warning on its site stating that all users of Monster.com may have been impacted by the data breach of its systems by hackers. All job seekers need to be aware of potential phishing attacks that are sophisticated and highly targeted, and job seekers with safety considerations need to be aware that their information has likely been compromised. The U.S. Office of Personnel Management has announced that the Federal job site USAJobs (which is outsourced to Monster.com) has also been impacted by the breach. The World Privacy Forum has updated its job seeking tips, and its consumer alert.
World Privacy Forum information and materials on medical privacy topics.