14 DAY TRIAL // Jobs website BigMoneyJobs.com has apparently been hacked by ProbablyOnion, the individual who has recently breached Boxee.tv. The details of over 36,000 users have been leaked online as a result of the breach.
Risk Based Security has analyzed the data leaked by the hacker on a TOR service. The names, home addresses, phone numbers, emails and passwords of 36,802 users have been published in a 6 Mb Excel file. The information published online by the hacker appears to belong to both employers and individuals looking for a job.
The passwords are in clear text, which means that the information can be easily abused by cybercriminals.
It appears that ProbablyOnion has exploited an SQL Injection vulnerability to gain access to the data.
If you’ve signed up for an account on BigMoneyJobs, you should change your password as soon as possible. If the same password has been used for multiple online services, you should change all of them.
Furthermore, the email addresses can be used for spam campaigns, so you should be on the lookout for any suspicious messages that might land in your inbox.
I would have reached out to BigMoneyJobs representatives to see if they could comment on the incident, but I haven’t been able to find any contact information on the website.