The Guardian Jobs website has come under attack from a 'sophisticated and deliberate hack' that has exposed sensitive data, according to an email sent to affected users on Saturday.
The breach is related to data submitted by people who have applied for a job via the Guardian Jobs site. The intruders may have got access to the personal information in those applications, according to the email.
"We have been assured by our provider that the system is now secure and we have identified and contacted everyone who may have been affected," Guardian News and Media said in a web page about the breach.
The system supplier has identified the hack, and the e-crime unit at Scotland Yard is investigating, the Guardian said. The publisher said it found out about the break-in on Friday evening.
The Guardian, which said it is "treating this situation with the utmost seriousness," has not indicated what, if any, steps it will take to help affected users recover from the breach and protect them from the misuse of their personal data.
However, it has provided a list of police-endorsed steps that people can take as a precaution. These include consulting a credit reference agency such as Equifax to "resolve the situation and prevent it happening again," paying CIFAS to place a fraud alert on your credit file and visiting the banksafeonline.org.uk for information.
The Guardian has not provided a dedicated email address for users to contact them about the breach. Instead, it is urging people to visit its page about the breach.
"The fact that they allowed this to happen is one thing, and while I applaud thair openness in swiftly notifying those of us who might have been affected, the attitude that the problem is now entirely ours is outrageous," one affected user, who wished to remain anonymous, told ZDNet UK on Saturday.