http://news.bbc.co.uk/1/hi/technology/7853251.stm

I know a few around here trawl the job sites, so thought I'd post this just in case you didn't know yet.

After they were hacked a year or so ago, I don't use them any more.

Oh FFS :angry: I had wondered why my spam on my private account had increased. Great that account will now be spammed to hell. Not only that they have my mobile.

edit:- checked and I only ever stored mail and mobile on the site. Seems juding from their reaction that passwords were stored in plain text :rolleyes:

Oh dear! No wonder my contact at Monster was trying to contact me this week!

BB x

And they had the temerity to try and flog me access for a year. Charlatans.

I'm not sure where they've gotten it from, but a post on Slashdot says that passwords are still stored in plain text in their DB:

http://it.slashdot.org/article.pl?sid=09%2F01%2F25%2F1314215&from=rss

Even monster has said passwords where stolen. How can anyone not encrypt passwords. It's a mimimum standards. Oh well. I've gone and changed all my passwords, just to be safe.

I have knwo deleted my account and will not be using them again ever. unless they explain how passwords where compromised. Luckily getting a new phone next month. But still My poor email is likely t o become useless from spam. But we will see.

Oh crap, i used my "generic" password with them which means anything with my email and generic password on the internet could be compromised? That is hassle and a half to change all the stupid things i dont really care about but dont want to be messed around with.... :(

Glad mine was a password I stopped using about a year ago, at best it'd get them access to some rather dead/dying forums under random names (they'd have to guess the usernames though).

Good luck to em, still I've closed my Monster account anyway!

Our CV facility with Monster doesn't work.

I have several enquiries about it from the Rec Cons.. they obviously don't read the news...

BB x

I was with them about 3 or 4 years ago but my account is now locked. God knows what password was with them. Guess I should start changing things which is going to be a *real* pain.

I’ve cancelled my account with Monster as a result, not necessarily because they were unlucky enough to get hacked, but because they didn’t immediately email their members to tell them what had happened :/

I'd say the fact they were unlucky enough to get hacked is reason enough given that it isn't the first time. WTF were they doing still storing plaintext passwords after the previous hacking.

I can't believe they were storing the information in plain text!

I thought that the DPA requires organisations to take reasonable precautions etc. You'd think that storing passwords in an unencrypted format would count as nothing less than a flagrant disregard for security especially if this isn't the first time they've been compromised.