[31.03.2008 first posted on silicon republic]
A security breach occurred on job-seekers site Jobs.ie late on Thursday 27 March, when what the company described as a ’small number’ of CVs were illegally downloaded by a third-party that hacked the site and gained access to the database.

Several CVs were downloaded before Jobs.ie was alerted. While the company has not yet given exact figures on the number of its members who had private data stolen, it says an investigation is now under way with details and figures possibly being released this afternoon.
All site members whose CV was downloaded illegally were contacted immediately by Jobs.ie and alerted to the hacking. One of the affected individuals passed on details of this email to siliconrepublic.com.
The email stated: “Unfortunately your CV was one of the records taken. I understand and apologise for the concern this will cause you and I want to assure you that we are taking steps to prevent this happening again.”
The email, signed by Huw Taylor, general manager of Jobs.ie, goes on to warn those whose personal data has been compromised to “exercise extra caution while conducting online activity”.
It warns users of the possibility of being contacted by someone claiming to be a reputable company and asking for personal details or banking information.
Brian Honan of online security consultancy BH Consulting says on his firm’s official http://bhconsulting.blogs365.org/wordpress that there are no mandatory breach disclosure laws in Ireland and that Jobs.ie should be “commended for coming clean about the incident” and doing so within 24 hours of the breach.
An IT professional whose CV was one of those downloaded from Jobs.ie told siliconrepublic.com: “The worst that could happen is identity theft. It depends how much information you have on your CV too, some people are really foolish and put on PPS numbers and all sorts. Stealing CVs can be really handy for guessing or resetting peoples passwords.” Because most people would include an email address and mobile phone number on their CV, he said that as well as phishing or identity theft, there was also a risk of spamming.
Anthony Gibbons, another affected Jobs.ie member, said to siliconrepublic..com: “This is far more significant than the loss of encrypted personal data from the blood services. “The fact that this information was illegally gathered increases the possibility of it being illegally used. This would include seeking personal loans and credit cards, identity theft, seeking false ID such as a driving licence or birth certificate, and identity cloning.”
By Marie Boran