August 21, 2007

August 17, 2007

Name, contact information, employment information, employer login information

Anyone who registered information on the monster site may have been affected. Job seeker records were breached when hackers obtained access to employer login information leading them to contact information for job seekers. Individuals affected will be notified via email.

Additional information related to this breach can be found at:

The multi-stage hacking attack involved accessing the job seeker database server and downloading a Trojan file to move the gathered information. Emails with links to at least two forms of mal-ware were then sent to monster.com users. One attempts to harvest login details for financial sites, while the second tries to encrypt data on the user’s PC then demands a ransom to decode the data. Monster suggests individuals that receive an email related to their account to report it to siteabuse@monster.com to verify the legitimacy of any requests for information or suggestions to download updates from Monster.com. Also, run an anti-virus application to remove anything that may have been installed on their PC. If you feel you are a victim of identity theft as a result of this breach, contact the Office of Privacy Protection at (800)422-7128 or email us at wisconsinprivacy@wisconsin.gov.

August 7, 2007

July 2007

Name, address, phone number, SSN, employment information

33,000 Merrill Lynch employees primarily located on the east coast, however it may affect some Wisconsin based employees.

A computer device apparently was stolen from a corporate office in New Jersey containing sensitive personal information, including Social Security numbers of employees. Those affected will be notified by Merrill Lynch.  If you are one of the affected individuals, place a fraud alert on your credit report.