Hackers target the Guardian's jobs website

THE GUARDIAN NEWSPAPER has admitted that its jobs website has been deliberately targetted by sophisticated hackers and that a huge amount of personal data might have been stolen.

Guardian Jobs is the main source of situations vacant advertising for media lovies and publishing types in the UK, and an email sent to registered users yesterday warns that anyone who has ever made one or more job applications using the site is at risk.

From what we can tell, any personal information included in such applications has been stolen and could very easily be used to allow identity theft and worse.

The breach has been reported to the central e-crimes department at Scotland Yard but, according to a statement from the newspaper, police are keeping their cards close to their chests in an attempt to catch the hackers. "The police remain anxious to keep information about the apparent theft to a minimum, in order not to compromise their investigations, but did agree with us that we could inform those users who may be affected.

"We stress our regret that this breach has occurred. This is apparently a deliberate and sophisticated crime, of which the Guardian is a victim in addition to some of our users," the statement said.

Red-faced officials are now saying that the company that runs the website on behalf of the newspaper has identified how the hackers got in and has plugged the gaping hole. "We have been assured by our provider that the system is now secure and, in line with the Information Commissioner's guidance on data protection, we have identified and contacted, or attempted to contact, everyone who may be at risk," the statement continues.

Although the Guardian insists that no financial or banking details were included in the stolen data, it is also advising that anyone who thinks they might be affected should jump through a series of complicated hoops at their own expense.

Suggestions include contacting your creditors so that they can monitor your accounts, paying a credit reference agency to make sure no one is applying for credit in your name and registering with the CIFAS fraud prevention service.

Up to 500,000 records might have been stolen and the vast majority of these will include past employment details, date of birth and current mailing address - more than enough information to apply for a loan or credit card.

Newspaper bosses insist that every person affected has been emailed to let them know that their personal data is currently in the hands of a pack of thieves, but that will be of little use to anyone who doesn't regularly check their email inbox, or who has recently changed their email address. Some of the data is, according to the Guardian, up to two years old.

The fact that the Guardian is suggesting that its users are responsible for protecting their own identities and assets after such a serious breach is bound to cause a massive backlash.

Heads are expected to roll. µ