Entertainment For Lively Minds
The great Guardian Jobs hack
Did any other members of the Massive receive an e-mail from The Guardian late on Saturday night?
Their Jobs website was hacked, breaching its security. The result is people like me now have CV's in the hands of some ne'er do wells who can go out and make all sorts of mischief with my identity.
I've been in contact with my bank, the Passport Agency, the DVLA and signed up with a credit reference agency.
However what has struck me is the apparent complacency of those I've contacted. They all seem to think their security systems are such that I've nothing to worry about. My bank tells me there is no chance of the contents of my account ending up in the Bank of St Petersburg. I appreciate that they aren't going to panic when I tell them what has happened, but it does beg the question that if everything is so secure, why would anyone go to the bother of hacking The Guardian?
Are there any IT security experts out there who can tell me what I should worry about or look out for?
- More from Carl Parker.
- Login or register to post comments
-
Unless you put your bank details on your CV
which would be pretty foolish, what are you worrying aboot? If someone else gets a job on my CV good luck to them; I bloody well can't.
isn't the issue
that with a name, address, date of birth - that you could create artificial accounts?
Isn't that all a bit...
Day of the Jackal?
And aren't names, addresses and dates of birth easy to get hold of anyway, without having to bother hacking anything? What with people posting things like "I'm 40 on Thursday gulp LOL" on Twitter, where their profile has a link to their website, where the "Contact" button gives their mailing address....
The only scam I can think of right now is for the hacker to contact people's current employers, saying "Psst! One of your employees is looking for another job. For a pony* I'll tell you who it is."
___
Or is it a monkey? I can never remember which is which.
That is the question
What is a hacker looking to achieve? We're constantly warned about the risks of giving fairly minimal information away. There's a sizeable chunk of life story on the CV. No bank details or NI number but information on my last few jobs and main educational qualifications. They've got similar or greater volumes of information from hundreds, if not thousands of people.
Hackers
Quite often the hacker actually isn't looking to gain anything beyond the hack itself. For a lot of hackers, the "glory" comes from exposing the security hole, not exploiting any data. I'm not saying this is the case here - job sites have been targeted before, with the data sold on to frausters, who'll try and exploit it through phishing schemes etc.
It's certainly not DotJ
I don't know these particular applications and how much info they hold, but job apps often have a lot more than those basic details - employment history, marital status, education and even, in some cases, NI number; that sort of information is traded to professional identity theives via online forums for a few dollars a pop (often in volume - criminals do like a bulk discount on their stolen identities).
i think the main
problem is it's bad enough having to look for work without all the grief of this i thought the whole thing was shabby. You have no option nowadays but to put your cv online and hope no one starts to mess around with a detailed picture of you.
so
is there anything to worry about this hack or similar - or not - other than a discomfort about a potential loss of privacy?
It's the worry that kills you.
Didn't *that bloke* from Top Gear taunt hackers to get into his bank account? He ended up with a Direct Debit for £100 a month to some charity(or something like that).
I'd be really annoyed
if somebody nicked the details off my CV and used them to get0 a better job with more money.........
My details went missing
when I was on holiday and my employer sent my pay slip via post. It has not turned up yet (a month later) and is probably lying in a pool of something indescribable in the sorting office, but you never know. My bank account details and NI number are on there, together with my name and address. My bank assures me that no-one could use this information to steal my identity, but I'm not so sure. As I write, my bank account remains in the state that I left it, but I keep looking. I also wonder what else may turn up in the future. No one seems particularly concerned except me.....