Establishing Digital Trust: Don't Sacrifice Security for Convenience
Risk Based Security researchers report that hacker ProbablyOnion, who claimed responsibility for last week's breach of Boxee.tv, recently published information on 36,802 users of the employment Web site BigMoneyJobs.com (h/t Softpedia).
"Yay, this time we rape a job site, 36k+ members, plain-text passwords :)," the hacker tweeted on April 2, 2014, along with a link to a 5.94 MB Excel spreadsheet containing the stolen data.
The exposed data includes each user's full name, home address, phone number, e-mail address, Web site registration information and plain text password.
"Based on conversations in online forums, the 'members' table of the database apparently contains both employees' and employers' credentials, and that the breach was carried out via a basic SQL injection attack," the researchers write.