BOSTON (Reuters) - About 146,000 people using a jobs Web site sponsored by the U.S. government have had their personal information stolen by hackers who broke into computers at Monster Worldwide Inc, a government spokesman said on Thursday.
The theft on the USAjobs.gov site, which has about 2 million total users, was part of the hacking operation that Monster disclosed last week, according to Peter Graves, a spokesman for the U.S. Office of Personnel Management.
Monster runs the site on behalf of the government.
On Wednesday, the government temporarily restricted recruiters from accessing the database until Monster completes efforts to ensure its computer system is secure, Graves said.
“We disabled it yesterday as an extra precaution on our part to best protect our users,” he told Reuters in an interview late on Thursday.
He said the government expected to restore that access by Friday.
The information stolen was names, mailing addresses, phone numbers and e-mail addresses. Social security numbers, which are encrypted in the database, were not compromised, Graves said.
Officials with Monster couldn’t be reached for comment.
The government got its first clue that the site had been compromised on July 20, when a subscriber submitted what appeared to be a fraudulent e-mail, Graves said.
Officials with the U.S. agency immediately passed the information on to Monster, Graves said.
The agency also posted a notice on the USAJobs site, warning users to be careful of fraudulent email scams.
In such scams, which are known as phishing attempts, hackers subtly persuade their targets to provide financial information or download malicious software.
The scams are updated versions of deceptions practiced for centuries in which criminals secretly gather data about their victims, then try to use that information to cheat them.
What makes the schemes particularly malicious is that they are conducted over the Internet, giving criminals quick access to millions of targets and making it easier for them to evade justice.
It wasn’t until Wednesday that Monster notified the agency how much data had been stolen from the USAjobs database, Graves said.
“We didn’t know the extent,” he said. “We learned the extent yesterday.”
The government followed up by posting a notice on the jobs site warning users that they might be victims of phishing attempts, and also contacted users individually, via e-mail, beginning with the 146,000 individuals whose data had been stolen, Graves said.
Reporting by Jim Finkle