So, you must have heard about the hack at Monster yesterday, and as you can imagine I have plenty of thoughts on it, however, I’ll share just one with you for today.
What is Monster doing storing passwords in plain text?
There’s obviously an issue with data loss to fraudsters – that in itself is very serious. But have you considered that if these cretins have your password as well, they can probably go roaming around the internet (and BTW – they don’t do this manually...) seeing where you might be registered with the same username/email and password combo – e.g. your bank!
This is a fundamental violation of user trust, never mind about a school boy immature access to security.
So, as Tim Elkington recommends – change your Monster password - sure, but you should also consider changing your password on other sites as well.
Come on Monster, you are damaging the whole online community, never mind about the online recruitment comunity by being so incredibly irresponsible.
- Mike
Comments