Home
Register
By Jordan Robertson
Job seekers may fake their credentials. But the recruiter on the phone with you could be lying, too.
IntelCrawler, a Sherman Oaks, California,security firm, said it has uncovered a database of user names and passwords from a government jobs website that is being sold in the underground. The company has alerted U.S. authorities, who are investigating the matter.
The breach affected as many as 5,000 accounts at GovJobs.com, according to IntelCrawler. Not a huge number, but in files reviewed by Bloomberg News, many of the user names, e-mail addresses and passwords IntelCrawler says were stolen correspond to recruiters for top defense contractors and a range of government departments including the National Security Agency and each branch of the U.S. military.
Hackers with such information could impersonate recruiters and tap job seekers who have knowledge of sensitive government projects, or seek damaging information about applicants to blackmail them into spying for them, said Dan Clements, IntelCrawler's president. They could cross-reference job-hunter lists with information, stolen in earlier hacks of commercial firms, on applicants' use of drugs, alcohol and pornography or their financial transactions. Like many Internet users, some recruiters reuse their passwords, which can put their contacts at other sites at risk as well.
IntelCrawler said it alerted law enforcement agencies and the U.S. Computer Emergency Readiness Team (US-CERT) about the breach, which the company said occurred on Aug. 13. US-CERT, an arm of the Department of Homeland Security that coordinates the sharing of cyber-security threat information, said it is aware of the report and is investigating. NSA spokeswoman Vanee Vines declined to comment. Pentagon representatives didn't return messages.
Peter Osapay, operations manager for ProGovJobs, which operates GovJobs.com, said that the company wasn't aware of any data breach, that it works closely with U.S. law enforcement officials to investigate attacks, and that it hadn't heard from authorities about any such attack. The Laguna Hills, California, company stores limited data about job seekers, reducing its usefulness to attackers, he said.
"Even without a hack, if an employer went through our resume database and resold it, it is mostly old data with not much use really, as it lacks many personal details acquired later at interviews," Osapay said in an e-mailed statement.
The site states that it attracts almost three million job seekers a month and has more than 50,000 resumes for recruiters to browse. Resumes can be accessed through recruiters' accounts, Clements said.
IntelCrawler said it knows the stolen passwords are real because it validated them against the GovJobs site as well as other government-jobs websites where the recruiters had accounts and where they reused their log-in credentials. Bloomberg News reviewed some of the files related to those efforts. The information leaked because of a common website vulnerability that is still present on GovJobs, according to IntelCrawler.
"If they have the full resume or CV of that person, if they have a classified clearance, they could be severely compromised," Clements said.
IntelCrawler said the attack may have been state-sponsored, as it has been tracking the group it believes was behind it, and has documented its interest in cyber-espionage attacks against people with secret clearances. It declined to be more specific, saying it didn't want to compromise its methods.
Hackers are always looking for weak links in the protection of sensitive information, said Reece Hirsch, a partner with the law firm Morgan, Lewis & Bockius who is focused on privacy and cyber-security. "It seems that they may have identified a new one – sites that recruit for sensitive government, military and other security-clearance positions," Hirsch said.
As networks with sensitive information harden their defenses against hackers, online intruders seem to have found a side door to companies' computer systems in employment services. Last month, the Washington Post reported that US Investigations Services, the largest provider of job-applicant background checks for the federal government, was hacked and information on employees of the Department of Homeland Security stolen. DHS and USIS acknowledged the breach, and USIS said the break-in had "all the markings of a state-sponsored attack."
Also in August, a hacking group that was behind attacks on the Wall Street Journal, the BBC and other news organizations boasted on Twitter that it had breached a jobs portal for G4S, a U.K. security company with more than 600,000 employees. Piers Zangana, a G4S spokesman, declined to comment.
Source:
http://www.bloomberg.com/news/2014-09-16/does-that-headhunter-want-your-head-or-your-secrets-.html
Job seekers may fake their credentials. But the recruiter on the phone with you could be lying, too.
IntelCrawler, a Sherman Oaks, California,security firm, said it has uncovered a database of user names and passwords from a government jobs website that is being sold in the underground. The company has alerted U.S. authorities, who are investigating the matter.
The breach affected as many as 5,000 accounts at GovJobs.com, according to IntelCrawler. Not a huge number, but in files reviewed by Bloomberg News, many of the user names, e-mail addresses and passwords IntelCrawler says were stolen correspond to recruiters for top defense contractors and a range of government departments including the National Security Agency and each branch of the U.S. military.
Hackers with such information could impersonate recruiters and tap job seekers who have knowledge of sensitive government projects, or seek damaging information about applicants to blackmail them into spying for them, said Dan Clements, IntelCrawler's president. They could cross-reference job-hunter lists with information, stolen in earlier hacks of commercial firms, on applicants' use of drugs, alcohol and pornography or their financial transactions. Like many Internet users, some recruiters reuse their passwords, which can put their contacts at other sites at risk as well.
IntelCrawler said it alerted law enforcement agencies and the U.S. Computer Emergency Readiness Team (US-CERT) about the breach, which the company said occurred on Aug. 13. US-CERT, an arm of the Department of Homeland Security that coordinates the sharing of cyber-security threat information, said it is aware of the report and is investigating. NSA spokeswoman Vanee Vines declined to comment. Pentagon representatives didn't return messages.
Peter Osapay, operations manager for ProGovJobs, which operates GovJobs.com, said that the company wasn't aware of any data breach, that it works closely with U.S. law enforcement officials to investigate attacks, and that it hadn't heard from authorities about any such attack. The Laguna Hills, California, company stores limited data about job seekers, reducing its usefulness to attackers, he said.
"Even without a hack, if an employer went through our resume database and resold it, it is mostly old data with not much use really, as it lacks many personal details acquired later at interviews," Osapay said in an e-mailed statement.
The site states that it attracts almost three million job seekers a month and has more than 50,000 resumes for recruiters to browse. Resumes can be accessed through recruiters' accounts, Clements said.
IntelCrawler said it knows the stolen passwords are real because it validated them against the GovJobs site as well as other government-jobs websites where the recruiters had accounts and where they reused their log-in credentials. Bloomberg News reviewed some of the files related to those efforts. The information leaked because of a common website vulnerability that is still present on GovJobs, according to IntelCrawler.
"If they have the full resume or CV of that person, if they have a classified clearance, they could be severely compromised," Clements said.
IntelCrawler said the attack may have been state-sponsored, as it has been tracking the group it believes was behind it, and has documented its interest in cyber-espionage attacks against people with secret clearances. It declined to be more specific, saying it didn't want to compromise its methods.
Hackers are always looking for weak links in the protection of sensitive information, said Reece Hirsch, a partner with the law firm Morgan, Lewis & Bockius who is focused on privacy and cyber-security. "It seems that they may have identified a new one – sites that recruit for sensitive government, military and other security-clearance positions," Hirsch said.
As networks with sensitive information harden their defenses against hackers, online intruders seem to have found a side door to companies' computer systems in employment services. Last month, the Washington Post reported that US Investigations Services, the largest provider of job-applicant background checks for the federal government, was hacked and information on employees of the Department of Homeland Security stolen. DHS and USIS acknowledged the breach, and USIS said the break-in had "all the markings of a state-sponsored attack."
Also in August, a hacking group that was behind attacks on the Wall Street Journal, the BBC and other news organizations boasted on Twitter that it had breached a jobs portal for G4S, a U.K. security company with more than 600,000 employees. Piers Zangana, a G4S spokesman, declined to comment.
Source:
http://www.bloomberg.com/news/2014-09-16/does-that-headhunter-want-your-head-or-your-secrets-.html
» CCS.N0000 ( Ceylon Cold Stores)
» Sri Lanka plans to allow tourists from August, no mandatory quarantine
» When Will It Be Safe To Invest In The Stock Market Again?
» Dividend Announcements
» MAINTENANCE NOTICE / නඩත්තු දැනුම්දීම
» ඩොලර් මිලියනයක මුදල් සම්මානයක් සහ “ෆීල්ඩ්ස් පදක්කම” පිළිගැනීම ප්රතික්ෂේප කළ ගණිතඥයා
» SEYB.N0000 (Seylan Bank PLC)
» Here's what blind prophet Baba Vanga predicted for 2016 and beyond: It's not good
» The Korean Way !
» In the Meantime Within Our Shores!
» What is Known as Dementia?
» SRI LANKA TELECOM PLC (SLTL.N0000)
» THE LANKA HOSPITALS CORPORATION PLC (LHCL.N0000)
» Equinox ( වසන්ත විෂුවය ) !
» COMB.N0000 (Commercial Bank of Ceylon PLC)
» REXP.N0000 (Richard Pieris Exports PLC)
» RICH.N0000 (Richard Pieris and Company PLC)
» Do You Have Computer Vision Syndrome?
» LAXAPANA BATTERIES PLC (LITE.N0000)
» What a Bank Run ?
» 104 Technical trading experiments by HUNTER
» GLAS.N0000 (Piramal Glass Ceylon PLC)
» Cboe Volatility Index
» AHPL.N0000
» TJL.N0000 (Tee Jey Lanka PLC.)
» CTBL.N0000 ( CEYLON TEA BROKERS PLC)
» COMMERCIAL DEVELOPMENT COMPANY PLC (COMD. N.0000))
» Bitcoin and Cryptocurrency
» CSD.N0000 (Seylan Developments PLC)
» PLC.N0000 (People's Leasing and Finance PLC)
» Bakery Products ?
» NTB.N0000 (Nations Trust Bank PLC)
» Going South
» When Seagulls Follow the Trawler
» Re-activating
» අපි තමයි හොඳටම කරේ !
» මේ අර් බුධය කිසිසේත්ම මා විසින් නිර්මාණය කල එකක් නොවේ
» SAMP.N0000 (Sampath Bank PLC)
» APLA.N0000 (ACL Plastics PLC)
» AVOID FALLING INTO ALLURING WEEKEND FAMILY PACKAGES.
» Banks, Finance & Insurance Sector Chart
» VPEL.N0000 (Vallibel Power Erathna PLC)
» DEADLY COCKTAIL OF ISLAND MENTALITY AND PARANOID PERSONALITY DISORDER MIX.
» WATA - Watawala
» KFP.N0000(Keels Food Products PLC)
» Capital Trust Broker in difficulty?
» IS PIRATING INTELLECTUAL PROPERTY A BOON OR BANE?
» What Industry Would You Choose to Focus?
» Should I Stick Around, or Should I Follow Others' Lead?