As promised, here is a fairly up-to-date post on a piece of security news. Monster.com, a popular job site, was breached last Friday. The intruder made off with names, phone numbers, email addresses, and passwords of job seekers. Apparently, this is their second major breach.

I vaguely remember registering an account with them before. I’m not sure, but I’m not particularly bothered anyway as I’ve change my email address and password since. It did get me thinking though.

Let’s face it. All sites will be breached at one point or another. It’s simply a matter of minimizing the damage. One feature that I wish for, but rarely see, is the ability to delete or disable an account. I appreciate that it may not always be practical to delete an account for various reasons. However, users should at least be able to disable an account and remove any sensitive information that are no longer required. In a day and age where identity theft is a common occurrence, developers really should take more responsibility in safe-guarding user data.

I haven’t been to Monster.com for yonks, so I’m not sure if they have any such measures in place. Details on the breach is scarce at the moment. I suppose the forensic investigation is underway. In the mean time, check out Monster.com warns job seekers of breach for a more detailed story.