As news of the a hacker attack on job seeker site Monster.com filtered out yesterday morning, Cyber-Ark, the data vaulting and security specialist, says data leakage could have been avoided if the site had maintained its database in a secure and encrypted format.
Newswire reports say that hundreds of thousands of people may have had their personal details, including their addresses and phone numbers, downloaded from Monster.com.
Calum Macleod, European director for Cyber-Ark, says: “Modern encryption and digital vaulting techniques mean that personal information uploaded to a web site need only be decrypted when the database is interrogated.
“Using this approach means that the data can be held securely on the web server and, even if hackers succeeded in downloading the files, the fact that they were encrypted would render the data unreadable.”
According to Macleod, Monster.com’s problems may only just be beginning, as the hackers may use the personal details of its members to commit identity theft crimes, which could lead to a number of lawsuits being filed.
|