Last Friday, the job hunting website Monster.com announced a data breech:
We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.
The appropriate and traditional way to handle an intrusion like this is to notify all customers. And require each account password to be changed. However, Monster’s taken the irresponsible, insufficient path of linking a “Security Notice” from their sidebar below the fold without requiring mandatory password changes.
This post serves two purposes: One, if you’ve ever utilized Monster I suggest you change your password ASAP. Second, and more importantly, it’s probably safe to assume mishaps and intrusions like these will continue amongst a wide array of online services – so, as inconvenient as it may be, employ as many unique passwords as you can during your web travels.