Hacker claims breach of 50, 000 accounts from Wall Street IT recruiting firm

[InfoSec News <alerts () infosecnews org>]

https://www.computerworld.com/s/article/9229336/Hacker_claims_breach_of_50_000_accounts_from_Wall_Street_IT_recruiting_firm

By Jaikumar Vijayan
Computerworld
July 18, 2012

A hacker today claimed to have broken into ITWallStreet.com, a website 
for IT professionals who are seeking Wall Street jobs or working with 
Wall Street firms, and exposed highly detailed data belonging to tens of 
thousands of job applicants.

As many as 12 data files containing detailed information on job 
applicants were publicly posted today after they had apparently been 
accessed from an ITWallStreet database by a hacker who's a member of a 
group called TeamGhostShell.

A Computerworld inspection of the published data showed the first and 
last names, mailing addresses, email addresses, usernames, hashed 
passwords and phone numbers of what appear to be thousands of people who 
have applied for IT jobs with Wall Street firms. Many of the thousands 
of hashed passwords appear to have already been decrypted into their 
clear text form.

The data dump included details such as salary and bonus expectations of 
the job seekers and even feedback on specific candidates. One of the 
published files, for instance, contained snippets of email exchanges 
presumably between recruiters and account managers discussing the 
viability of certain candidates for specific jobs.

[...]


--
Learn how to be a Pen Tester, CISSP, ISSMP, or ISSAP with Expanding Security online.
Come to a free class and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill