The theft of contact information for job seekers in the database of Monster Worldwide Inc. may have been much greater than the 1.3 million individuals reported earlier this month, chief executive Sal Iannuzzi said yesterday.
While investigating the recent theft, the company learned that its website had previously been hacked.
"We're assuming it is a large number. It could easily be in the millions," Iannuzzi said in an interview with Reuters.
To be safe, he said, all Monster.com users should assume that their contact information has been taken.
The company, which has its US headquarters in Maynard, said earlier the theft of confidential information was not an isolated incident, and said the scope of illegal activity was impossible to pinpoint.
Monster is stepping up surveillance of site traffic, boosting its security staff, and contacting users about ways of protecting their privacy. "I want to be clear and I want to be frank: There is no guaranteed fix," Iannuzzi said. "I wish I could say . . . there will be absolutely no way that the Monster site can be compromised. I cannot ever make that promise, and no Internet company can."
So far, the company has found no evidence that the data thieves were able to take included financial information, he said.
About 200 to 300 job seekers have canceled their accounts as a result of the security issue, the chief executive said, but those have been offset by an upswing in new accounts. A "handful" of employers have canceled their accounts, Iannuzzi said.
The company, which said last month it would invest $80 million to $100 million over 18 months to improve its technology, will dedicate "a large measure of that money" to fixing the security issue, Iannuzzi said.
The New York Times Co., parent company of The Boston Globe, has an alliance with Monster to sell help-wanted advertising.