Skip to main content

Change your recruitment website cpjobs.com account password immediately

Release Date: 3 Sep 2017 2671 Views

Yesterday (2/9), a recruitment website cpjobs.com made a statement to the users, said on August 28 and 30, their site was attacked twice and hackers stole the user information and account password. HKCERT advises affected users to change passwords immediately in order to protect their data. If you suspect there is any criminal offenses due to the theft of personal information, report to the Police as soon as possible.

 

If an attacker compromised user account and password, he may login the account and access the user's private information (such as personal resume). We strongly recommend users of cpjobs.com change their passwords immediately. If a user is using the same ID (email address) and password on other online services, it is time to change them and use different new passwords for each service.

 
Here are some tips for choosing a good password:
  • Use at least eight characters long password.
  • Use combination of different character types in a password, e.g. upper and lower case letters, numeric and symbol characters.
  • Use passwords that are hard to guess but easy to remember.
  • Change your password regularly.
  • Do not use the same password for different online services.
 
Other attackers may take advantage of this incident and send out phishing email or perform social engineering attack. Never change your passwords by clicking the URL in an email that you did not request. You should also be cautious when you receive posts or messages with suspicious URLs, even if the sender claims to be your friends. Check the URLs before you click on it. 
 
To learn more about the methods of account management and enhance security, please refer to "Personal Internet Service Account Security Management" Security Guideline [/my_url/en/guideline/16022401] provided by HKCERT.

 

HKCERT also advises all webmasters to conduct security assessment regularly, identify and rectify security vulnerabilities early and prevent hackers from attacking.

 

To learn more about how to secure your web servers, web applications and database servers, please refer to "Guideline of Web Security" Security Guideline [/my_url/en/guideline/13070902] provided by HKCERT.