Guardian Jobs Website hacked?

Anybody else had an email saying the Guardian Jobs website has been
hacked? I received one at 20.06 this evening. A google brings up no
news story yet. Anybody had a similar email? Is it a hoax?
Sophisticated Phish? if so how did they know I had used the site?

Boxerboy

 

Seems real enough at the moment - http://jobs.guardian.co.uk/securityupdate.html
is a link to the security message.

I have just asked for my account to be deleted as I feel they have
seriously let me down by allowing potential fraudsters to use my
information.

I certainly wont be using this site again.

 

Yes, I have a similar email, addressed to me by name.
I guess they have my name, address and phone number as a basic minimum
from my CV.

I'm wondering what my vulnerability currently is. Total and utter
wankers. Does the collective FOAK have experience of this sort of stuff?

 

Luckily I had not uploaded my CV but had attached it to emails that
passed via their portal to employers. In fact I got a job last week as
a result. As has been already said my exposure is limited to name,
address, phone number employment history and email address. However
given half an hour or so that would be enough to set up duplicate
identities.

Boxerboy

 

I have *never* got a job through an agency in my life. I'm not sure I'll
sign up with any more agencies in the future either, unless I get very
very desperate.
On further examination of my dealings with the guardian, I don't ever
seem to have *registered* with them, just applied for positions via
their interface. God knows what information they've stored, I intend to
email them to request a copy of all the information they DO hold about
me, unless the 'hackers' deleted their copy of course.

 

Same, never registered, just applied through their portal, innocuous
little 'submit' button that no doubt signs all my details over to their
pdf grepping database. Grrrrrrrrr.

 

I called my bank to mention that they might like to keep tabs on stuff.
They said: 'What's it got to do with us?', which is a nice reassuring
stance. They're not even interested in making a note against my account.
All they said was that if I willingly shared information related to my
account then I wouldn't be covered by any anti-fraud compensation.

Nice to know they're happy to cover their backs whilst not giving a shit
about the money I lend to them to squander. Makes you glad to be poor,
that does. I'll spend all my income on bikes then instead of letting
them have it.

 

I have, actually. In fact, when I took my current job, both it and an
alternative job were via agencies.

Previous job I can honestly say I was headhunted for, and the one
before that I contacted the company directly on the off-chance that
there was a position available.

Despite that, I have to say that most IME agencies are just contract
salesmen with less than half a clue.

 

cat wrote:
snip

How quaint, you *lend* the bank money. My bank just takes my money, what
they do with once it's theirs is no concern of mine.

Don't forget drink and whores as well, although you could probably skip
the whores and get a better bike.

 

No, not really, I'm flapping my keyboard. I've never had a fluffy
feeling that my money is safe though, maybe that's not ever been
something that banks offer.

I have selected the type of bike, I'm just waiting for $spare_cash to be
roughly equal to $cost_of_bike. You can keep your strumpets thanks.

 

Chicken Licken, is that you?

 

Colour me wooshed, I have no idea what you're on about.

 

http://en.wikipedia.org/wiki/Chicken_Licken

 

Flexible moral framework and unclear story planning lead to confusion?
Sounds like banking.

It's not the *best* parable, is it?

 

Cheque? How quaint!

I didn't register with the guardian, which I mentioned elsewhere in the
thread.
I attached my CV to covering letters sent to recruiters advertising via
their job site. I didn't give them permission to 'make my cv searchable
by agents' so I was quite surprised that they HAD any information which
could be compromised.

 

It's a cunning diversion by the government to make you think it's *your*
money.

Strumpets are not whores, they are very nice ladies indeed.

 

The links provided by the guardian said it was a good idea. Legally
there appears (at scant glance) that if you've warned your bank before
the horse has bolted they *should* keep an eye on the door.
I was doing what I was told in an emai..... oh, I see P

My card was cloned in 1999 I think, I popped into the bank to ask where
all my money had gone and found it was spent on petrol and travel. They
simply reinstated the missing money writing the theft off, which seems a
little wasteful.
When, several years later, I bought £3000 of USD travellers cheques to
take to Mexico, I got a call from the bank asking if I'd really made
that transaction. I guess I thought it was worth maintaining these
kinds of pre-emptive dialogues.

 

What reasons did the email give, though? What information could they
possibly have gained from this 'leak' that could be used to compromise
your bank account?

 

They theorised that it was sufficient information to apply for credit
cards, or other credit. It's probably pretty knee jerk. It's surely
not much more information than is available from bin wading and
electrical roll scanning. I suspect the risk is TINY, but yet wonder
what the point of the attack was. It was described as deliberate and
sophisticated. An overreaction by all concerned perhaps?

I'll paste a section of the email here:

"We have no reason to believe that any financial or bank data was
compromised in this incident. However the police advise that those whose
personal data may have been stolen in this way should take a number of
precautionary measures. These are outlined below:

1) Contact your creditors, even if they have not been affected, so that
they can monitor your accounts to ensure they remain protected.

2) Contact a credit reference agency: Callcredit, Equifax or Experian
provide suggested steps to resolve the situation and prevent it
happening again.

3) Contact CIFAS protective registration: If you think you have been a
victim of identity theft you should consider subscribing to CIFAS. This
places a notice on your credit file indicating that your name and
address may be used to perpetrate identity fraud.

In addition the following websites are sources of useful information:

www.met.police.uk/fraudalert/
www.stop-idfraud.co.uk
www.banksafeonline.org.uk
www.getsafeonline.org

We will continue to work with the police whilst the investigation is
carried out. Please refer to the following page for updates:

jobs.guardian.co.uk/securityupdate.html

Please do not reply to this e-mail."

 

Can anyone actually see that page? When I try it, it just flashes up
for a second then loads the Guardian Jobs homepage.