Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Technology News

Hacker claims breaching of 50k accounts from IT recruiting firm

Paul Anderson by Paul Anderson
July 19, 2012
in Technology News
1
wall street sign
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

wall street signA hacker today claimed to have broken into ITWallStreet.com, a website for IT professionals seeking jobs or working with Wall Street firms, and exposed highly detailed data belonging to tens of thousands of job applicants.

You might also like

Megaupload Plans to Return After 5 Years

Clinton pledges to grow the technology sector

Twitch.tv punishes view bot maker with a lawsuit

As many as 12 data files containing detailed information on job applicants were publicly posted today after apparently being accessed from an ITWallStreet database by a hacker belonging to a group called TeamGhostShell.  A Computerworld inspection of the published data showed the first and last names, mailing addresses, email addresses, usernames, hashed passwords and phone numbers of what appear to be thousands of people who have applied for IT jobs with Wall Street firms. Many of the thousands of hashed passwords appear to have already been decrypted into their clear text form.

The data dump included details such as salary and bonus expectations of the job seekers and even feedback on specific candidates. One of the published files, for instance, contained snippets of email exchanges presumably between recruiters and account managers discussing the viability of certain candidates for specific jobs.

Another file contained thousands of phone call records apparently between recruiters and candidates, containing details such as the phone number dialed, the time, date and duration of the call. One contained a list of references apparently supplied by the job candidates.

The salary expectations of job candidates ranged from $40,000 to more than $400,000 suggesting that ITWallStreet’s breached resume database included everyone from entry-level IT professionals to senior technology executives. In fact, several of the published email exchanges referred to candidates who appeared to have applied for vice-president level positions at Wall Street firms.

One of the published files contained a detailed listing of what appeared to be hundreds of clients of ITWallStreet.com. The list contains virtually every major Wall Street firm including Morgan Stanley, Goldman Sachs, Nasdaq, Dow Jones, Moody’s and Wachovia Bank.

Andiamo Partners, the New York-based recruiting firm that operates the website did not confirm or deny the breach. A spokeswoman said the company would respond later, presumably after verifying the claims. It was not immediately possible to confirm if any of the posted data came from the company’s database or pertained to IT job applicants as claimed by the hacker.

It was also difficult to immediately verify how many people may have been affected by the breach.  According to “Masakaki,” the hacker who claimed credit for the breach, more than 50,000 accounts pertaining to “current, past, and rejected IT personal (sic) from Wall Street” have been compromised. Masakaki claimed to have more than 3,000 resumes “to trade them on the black market.”

In a statement announcing the breach, Masakaki suggested the attack was meant as a show of support for the Occupy Wall Street movement. The hacker claimed to belong to “MidasBank,” a group that is part of TeamGhostShell, according to the statement.

“GhostShell has been leaking left and right all kinds of targets, well we’re here to bring some sort of order to it which is why this district will function solely to provide leaks from an economical point of view,” the statement noted. “What better target to pick as a first release, than the place that puts all markets to shame in the world. Wall Street. IT Wall Street owned,”

the statement read.

According to Andiamo’s website, the firm is the leading technology recruiting firm for the financial services sector. The company helps Wall Street firms find IT staff in areas such as development, infrastructure, database and process management.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar’s RSS feed. His e-mail address is [email protected].

See more by Jaikumar Vijayan on Computerworld.com.

Read more about security in Computerworld’s Security Topic Center.

Tags: claimhackernewstech
Share30Tweet19
Paul Anderson

Paul Anderson

Editor and chief at ZeroSecurity. Expertise includes programming, malware analysis, and penetration testing. If you would like to write for ZeroSecurity, please click "Contact us" at the top of the page.

Recommended For You

Megaupload Plans to Return After 5 Years

by Paul Anderson
July 15, 2016 - Updated on May 26, 2022
0
Megaupload Plans to Return After 5 Years

The huge file-sharing website, Megaupload is scheduled to relaunch, five years after being raided and shut down by the FBI. After its owner, Kim Dotcom, was detained and...

Read more

Clinton pledges to grow the technology sector

by Paul Anderson
July 2, 2016
0
Clinton pledges to grow the technology sector

Speaking in Denver on Tuesday at a startup incubator called Galvanize, Democratic presidential hopeful Hillary Clinton made quite a few proposals concerning intellectual property and called for administrative...

Read more

Twitch.tv punishes view bot maker with a lawsuit

by Paul Anderson
June 21, 2016
0
Twitch.tv punishes view bot maker with a lawsuit

Twitch has had it with bots that unnaturally increase view counts for videos. The game-streaming company is now handing out lawsuits to programmers of these bots. In a post...

Read more

DMCA requests quadruple in two years says Google

by Kyle
June 20, 2016
0
DMCA requests quadruple in two years says Google

Google has been bombarded with DMCA takedown requests. The corporation has seen the volume of takedown notices from rights holders quadruple over the last two years. In 2016...

Read more

FBI in possession of 411 Million facial recognition photos

by Paul Anderson
June 18, 2016
0
FBI in possession of 411 Million facial recognition photos

Privacy specialists are disputing this week the FBI, which keeps a massive – and apparently even bigger than anticipated database of facial recognition photos, isn't doing enough to...

Read more
Next Post
XSS Cookie Monster (Stealing Session ID/Cookie)

XSS Cookie Monster (Stealing Session ID/Cookie)

Related News

NSA intercepting U.S. Routers

NSA intercepting U.S. Routers

June 6, 2014 - Updated on March 17, 2023
Netwire RAT seized by FBI and other worldwide police agencies

Netwire RAT seized by FBI and other worldwide police agencies

March 16, 2023
The Emotet botnet returns and is sending a slew of malicious emails

The Emotet botnet returns and is sending a slew of malicious emails

March 14, 2023
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.