This article is the subject of a legal complaint

The personal details of millions of job seekers have been stolen in the largest data theft in Britain, The Times has learnt.

Hackers gained access to confidential details provided by 4.5 million people to Monster.co.uk, the online recruitment site.

Names, passwords, telephone numbers, e-mail addresses, birth dates, sex and ethnicity data as well as other “demographic information”, were all stolen, the company admitted yesterday.

It is the most extensive breach of confidential data since HM Revenue and Customs lost the details of 25 million child benefit recipients in 2007.

The victims are mainly professional staff who are seeking work in the economic downturn. Registrations at the site, which allows employers to browse thousands of CVs online, have soared as redundancies have risen.

Monster.com refused to comment on how much information had been taken but The Times understands that the personal details of millions of people can be downloaded in under an hour once a hacker has gained access.

Security analysts told The Times that the plundered data from the recruitment site would be used by organised gangs to open fake bank accounts or take out loans in the names of unsuspecting customers.

Posted by Justin Payton in Adware, Spyware and Trojans at 10:20

A new computer virus is spreading across the Internet, but security experts say that it hasn't resulted in much damage and that its impact is primarily psychological.

The virus, called Conficker or Downadup, first appeared in November but has recently become more prevalent, infecting millions of machines by some estimates.

Technically it's a worm, a kind of malicious software that automatically spreads itself from computer to computer. The cyber-security community is up in arms because worms haven't been an issue for years.

Over the course of the decade, computer hackers shifted their techniques away from rapidly spreading worms — people will remember worms like "Blaster" and "Melissa" that shut down entire offices for a day or two — towards targeted snippets of code that are harder to detect.

Posted by Justin Payton in Adware, Spyware and Trojans at 11:05

Jan. 23 (Bloomberg) -- A computer worm called Downadup is still spreading and infecting corporate computers and servers, making it the most severe virus outbreak in years.

About 1.2 million networks were contaminated as of yesterday, Mikko Hyppoenen, chief research officer at Helsinki- based Internet security software maker F-Secure Oyj, said in a telephone interview. That’s up from less than a million reported on Jan. 20.

The virus, also know as Conficker, infects computers and servers running on Microsoft Corp.’s Windows operating system, according to F-Secure. The worm typically blocks users from accessing their accounts and also spreads through infected USB sticks. F-Secure posted a warning about the virus on its Web site on Jan. 7. The virus is different from other outbreaks because it mainly affects corporations and not home computers.

Posted by Justin Payton in Adware, Spyware and Trojans at 18:09

Few noticed on Christmas Eve when the news broke that electronic payment services firm RBS WorldPay had been hit by hackers who stole personal data on 1.5 million consumers. After all, that's small potatoes these days. But when Heartland Payment Systems announced on Inauguration Day that it had suffered a serious security breach, some experts noticed a pattern -- and not just the companies' standard penchant for releasing bad news on days while the public is distracted.

"I have heard that the payment processers are the main target for hackers now," said Avivah Litan, security expert at consultancy firm Gartner.

Heartland has not released an estimate of the number of accounts impacted by the attack, but Litan said it might be the biggest data leak ever: The firm handles 100 million transactions every month for 250,000 clients. Heartland has said it was alerted by Visa and MasterCard to a pattern of fraud on its networks last fall, but only discovered the security hole in its network last week . That gave hackers access to potentially hundreds of millions of transactions over several months.

The largest known data leak to date involved retailer TJ Maxx, which lost the data on 45 million credit cards in 2007. But this time, there are signs the haul, and the targets, might be astonishingly large.

In its release, Heartland said it was the victim of a "widespread global cyber fraud operation." CFO Robert Baldwin told the Wall Street Journal that the firm had been targeted by malicious software that was "light-years more sophisticated" than standard computer viruses. Those ominous statements, combined with the news about RBS WorldPay, suggests to Litan that hackers have now trained their relentless keyboards on payment processing firms.

Few American consumers have ever heard of Heartland or RBS WorldPay. But these firms -- and others including First Data, TSYS, and Nova Information Systems -- regularly capture and transmit personal information about nearly every American.

Payment processors handle credit-, debit- and gift-card transactions from the moment you swipe your card at a store until your bank debits your account and adds the money to the store's account. These are complicated processes -- the processor must make sure you have the money (or the credit limit) to afford the purchase, then tell your bank to send money to the store's bank. Often, third-party firms – such as software companies that manage store cash registers – add to the complexity.

Right now, consumers have no way of knowing if their data was stolen RBS WorldPay or the Heartland attacks; they may never find out. Retailers rarely advertise which payment systems they use. Heartland has said publicly that nearly half of its transactions come from restaurants, but has declined to identify its clients. It’s also declined to identify consumers who might be victims.

Posted by Justin Payton in Adware, Spyware and Trojans at 09:55