Why job seekers may lose data

As if searching for the perfect IT job is not challenging enough, IT professionals recently faced yet another obstacle that threatened not just their employment prospects but the security of their personal data.

With the help of a Trojan called, Infostealer.Monstres, hackers were able to scour the online resume database of job search giant Monster.com and get hold of some 1.6 million entries with personal records, according to a blog posting by Amado Hidalgo, a member of Symantec Corp.’s Security Response Team.

Monster.com has since identified and shut down the source of the malware, a Monster.com statement said. Posting resumes online has become common practice among IT professionals, but the job search site breach had caused many to evaluate the risks involved with online resume posting.

Many people put personal information on their resume, such as date and place of birth, social security and health card number, and these are potential “treasure finds” for identity thieves, said Tom Keenan, a University of Calgary professor and IT security spokesperson for the Canadian Information Processing Society (CIPS).

“A while ago…it made a lot of sense to post your resume online and people are getting jobs,” Keenan said. “Now, the reality is it’s probably a stupid thing to do because you’re more likely to be the victim of identity theft than to be hired by somebody.” Experts offered a few simple tips to keep your online job searching safe.

? Delete any personally identifiable data on your resume, such as your date and place of birth, health card number, social insurance number, driver’s license data and anything personal you wouldn’t want strangers to see, said Sandra Lavoy, regional vice-president at recruitment firm Robert Half International in Ottawa. Despite the risks, posting online resumes is still your best bet at getting a job, Lavoy said, but always be cautious of what you write in your online profile.

? Beware of e-mails claiming to have a job for you. If it looks too good to be true, chances are it is. “You don’t want to be so excited at the possibility of getting a job that you ignore the possibility that you’re being scammed,” said Keenan. A legitimate e-mail would typically have the full name, company name and contact information of the recruiter, said Lavoy.

? Avoid giving specific names of companies you worked for, as it will only give ID thieves more ammunition, Keenan said.

? Check your bank statements for any suspicious transactions if you feel your resume is among those looted from the Monster.com site. “All the standard stuff about identity theft apply here,” Keenan said.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now