Millions hit by Monster site hack

Monster has released details of how the theft occurred

Jobs portal Monster.com has released more details about the severity of the attack on its site.

It said confidential details of more than 1.3 million people, mainly Americans, were stolen by malicious hackers who carried out the attack.

It said that servers in Ukraine and hijacked home computers were used to mount the attack.

Monster said the information was stolen to lend credibility to e-mails sent out as part of a phishing campaign.

Bank job

The thieves got away with names, addresses, phone numbers and e-mail addresses of Monster.com users.

The job site said that the thieves did not get any useful financial information such as bank account details in the attack.

Monster told the Reuters news agency that it first heard about the attack on 17 August thanks to security firm Symantec.

The jobs portal said it managed to shut down the rogue servers used in the attack on 21 August after contacting the Ukrainian company hosting them.

These servers were used to get access to Monster's database using stolen login details.

The attackers wanted to get hold of personal information in an attempt to make e-mails supposedly sent by recruitment firms more plausible.

By getting people to open the fake e-mails and click on the attachments the thieves aimed to steal more saleable information or hijack an infected machine.

The vast majority of those affected by the attack are based in the US. Monster estimates that fewer than 5,000 people outside the US had their details stolen in the attack.

Monster said it had more than 73 million CVs in its database.