The Monster.com mess

Computerworld has a good update by Gregg Keizer on this developing story.

The last thing you need when you're unemployed is a bank account that's suddenly emptied. But that's exactly what some unwary users of employment search site Monster.com faced after identity thieves made off with the personal information of more than a million people looking for jobs.

This still-developing story has enough nooks and crannies to confuse a gumshoe, but some facts are clear: Monster's resume database was looted, and the personal information taken was used to forge convincing messages that deposited password-stealing Trojans and ransomware on users' PCs.

Calculated and ambitious, the attack is striking for how it blended several elements -- stolen credentials of legitimate users, phishing e-mails, Trojan horses, money mules and more -- into a slick assault. Here's what we know so far.

Worst Data Breaches Ever

Collected and summarized by eWeek.com.

The oldest of the 17 breaches they "honor" happened in February 2005. It is difficult to separate the effects of stricter reporting requirements and escalation of both criminal activities and organizational negligence, but it seems clear that the situation is not getting any better.

Beware of assuming that your data is not at risk if you don't go online, or only practice safe e-commerce. We are all at the mercy of every organization that has collected data on us, whether we know about it or not.

Updated to add: Computerworld adds "Your data's less safe today than two years ago."

New ACM / Infosys Foundation Award

ACM and Infosys have announced the creation of a new annual award that recognizes young scientists and system developers whose contemporary innovations are having a dramatic impact on the computing field. The prize will be $150,000.

If you know someone who deserves such recognition, please check the nomination procedures--and then follow them. Much of my advice on making the case for an ACM Fellow is also applicable to this new prize.

By the way, Intel and Google have jontly raised the prize associated with the Turing Award to $250,000, comensurate with its status as computing's highest professional honor.