Application security, Breach, Data Security, Malware, Phishing

Attack on affects 146,000 subscribers

About 146,000 users of had their personal information compromised in recent attacks on, the U.S. Office of Personnel Management (OPM) disclosed this week.

The breach affected approximately eight percent of the two million users, OPM announced in a news release on Wednesday.

Monster administrates the website for OPM, the agency in charge of the civil service.

Information breached in the attack includes names, email addresses and telephone numbers. No Social Security numbers were compromised, according to OPM.

The breach was part of a multi-layered attack on Monster, in which hackers used credentials to access the site, then spread a trojan to capture names, email addresses and telephone numbers of job seekers.

That stolen information was used to deliver spear phishing emails to job seekers, requesting financial details or recruiting individuals to join the scam.

Experts have told that such multi-layered attacks will become more common in the future.

OPM published a security notice on and reminded users that they will not be asked to provide personal information in unsolicited emails.

Users of the website who receive phishing emails should report them to [email protected], according to OPM.

OPM is sending letters to all affected subscribers. 

OPM spokesman Peter Graves told that the agency should complete email notification of all 2 million users today. Monster officials said this week that they're beefing up security measures in response to the recent data theft that exposed the personal information of 1.3 million subscribers.


Click here to email Online Editor Frank Washkuch.

Click here for the latest SC Magazine Podcast - Aug. 27: A monster (.com) of a data breach

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.