Saturday, October 24, 2009
Guardian Jobs website hacked

For most people that work in the media, the Guardian's jobs paper and website are one of the main ways to look for jobs and recruit new talent.

An email sent out on Saturday night just warned all users that the site (run by external supplier Magdex) has been hacked, and registered users' personal data has been accessed.

I've done a quick story on this over at The Media Blog. I've also sent some questions to the team at The Guardian to find out as much as possible about the breach.

Here's the full text of the email:

SECURITY BREACH - GUARDIAN JOBS

We learned yesterday evening that the Guardian Jobs website has been targeted by a sophisticated and deliberate hack, which has breached the security of the data on the site. You have used the site to make one or more job applications and we believe your personal data, relating to those applications, may have been accessed.

We are absolutely committed to the privacy of our users, and would like to assure you that we are treating this situation with the utmost seriousness. The matter has been reported to the police, who are now undertaking a full investigation through the police central e-crime unit at New Scotland Yard.

The supplier who runs the site has identified the manner in which it was hacked and taken steps to prevent a recurrence.

We have no reason to believe that any financial or bank data was compromised in this incident. However the police advise that those whose personal data may have been stolen in this way should take a number of precautionary measures. These are outlined below:

1) Contact your creditors, even if they have not been affected, so that they can monitor your accounts to ensure they remain protected.

2) Contact a credit reference agency: Callcredit, Equifax or Experian provide suggested steps to resolve the situation and prevent it happening again.

3) Contact CIFAS protective registration: If you think you have been a victim of identity theft you should consider subscribing to CIFAS. This places a notice on your credit file indicating that your name and address may be used to perpetrate identity fraud.

In addition the following websites are sources of useful information:

www.met.police.uk/fraudalert/
www.stop-idfraud.co.uk
www.banksafeonline.org.uk
www.getsafeonline.org

We will continue to work with the police whilst the investigation is carried out. Please refer to the following page for updates:

jobs.guardian.co.uk/securityupdate.html