Hackers gained access to subscribers' names, e-mail addresses and telephone numbers through the resume database maintained by Monster.com, the technology provider for USAJOBS. USAJobs.gov first clued in to the fact that something was wrong on July 20th, when a subscriber submitted what appeared to be a fraudulent e-mail. The email was forwarded over to Monster who later confirmed that it was apart of the compromise and related to a Phishing scam that was spreading because of it.
Although Monster says this accounts for less than 8% of job seekers, the federal office posted a notice on USAJOBS.gov and is sending warning letters to all subscribers to alert them of counterfeit "phishing" emails. (The agency is also asking anyone who receives suspicious emails to report it immediately to Mayday@fedjobs.gov.) The hackers sought data such as Social Security or bank account numbers by sending emails to targeted populations in the hopes they would disclose personal information. The emails also asked users to click on links loaded with infectious software viruses. Monster already has identified and shut down the server that was accessing and collecting the information.