For IT professionals looking for work on Wall St. the latest personal-data security breach hits close to home. A hacker released what are alleged to be thousands of resumes and other hiring-related correspondence obtained from ITWallStreet.com, an employment website.
For firms it should be one more stark reminder that the reputations of both companies and their customers or clients can be at risk from data security failures.
The hacker, using the name "Masakaki," is a member of the hactivist group TeamGhostShell, and claimed to be acting in support of the Occupy Wall Street movement. Andiamo Partners, the recruiting firm that operates ITWallStreet.com, has not yet confirmed or denied the hactivist attack. No details of how the exploit was carried out have yet been reported.
The materials that Masakaki put on line, however, are filled with personal details about IT professionals seeking positions at financial-industry firms. A total of 50,000 accounts were compromised, including detailed resumes from 3000 prospective employees.
These were not LinkedIn resumes intended for public viewing. They were confidential personal communications, filled with details ranging from Social Security numbers to salary expectations.
Also included in the compromised data were communications between recruiters and prospective employers, discussing the qualifications of specific candidates applying for specific jobs. Salaries discussed in the correspondence ranged up to $400,000, and some of the emails specifically mentioned vice-president positions at financial firms.
