An attack by hackers may have ‘compromised’ the details of up to 500,000 Guardian jobs site users, the Guardian has reported.
The Guardian jobs site, which advertises many journalism and media related jobs, was targeted on Friday, but the hack was stopped before it was completed. The police is now investigating.
“We are continuing to work closely with our service provider and the police, who are undertaking a full investigation through the central e-crime unit at New Scotland Yard. Please continue to visit this site for regular updates.”
User data is stored on separate databases managed for the Guardian by third party companies. In the UK, it is operated by Madgex. Its US site was unaffected by the hack the company said.
An extract from the Guardian’s report:
“The Guardian has emailed ‘up to half a million’ users of its UK-based Jobs website to tell them that some of their personal data may have been compromised by ‘a sophisticated and deliberate hack’ on Friday night.
“A Guardian spokesperson said the site has about 10 million unique users per year, and that ‘the hack was stopped before it was completed’.
“‘As soon as we were alerted to the fact that there was a problem, we dealt with it, in line with the information commissioner’s guidance on data protection,’ said the spokesperson. ‘We felt it was important to be transparent and alert our users as soon as possible.'”
- More from ITPro at this link
- Comment from the TheNextWeb at this link
- Guardian page on security breach here
The company that operates Guardian Jobs, Madgex, believes it was the only of its clients to be targeted in this way, according to a statement by its CEO Simon Conroy.
Statement in full:
“We can confirm that hackers accessed the personal details from some job seeker CVs on our client’s recruitment website, Guardian Jobs, on Friday October 23.
“We are not aware of any other Madgex-operated website having been targeted in this way, but we have taken preventative measures to ensure the same issue cannot occur with other client Job Boards.
“Madgex has an excellent security record and we are continually reviewing our systems and comply with industry standard practices.
“Unfortunately, no site can ever be warranted as 100 per cent safe from concerted and technologically sophisticated criminal hackers.
“This situation has been treated with the utmost seriousness and Guardian Jobs has contacted all those affected by this security breach, advising them of precautionary measures they can take. Madgex and Guardian Jobs are supporting the relevant authorities with their investigations.”