The recent hack of Monster.com servers may have exposed far more job seekers than originally believed. While the original estimate suggested a few hundred thousand users might be affected, the estimates have quickly risen to 1.3 million users with a caution from Monster that not only could the final numbers be much higher, but this might not have been the only security breach of their web site.

Perhaps the only good thing about this and other data breaches is that there are lessons to learn. For example, the Identity Theft Resource Center, a great victim resource based in San Diego recently issued some advice to job seekers that could help minimize the risk of a resume or job application being turned into an identity theft.

For example, you should always leave the following information out of a resume or job application (at least until you have no choice):

- Your Social Security number: an employer doesn't need that until they're ready to hire you, and even then you need to make sure the company and job offer are legitimate.

- The dates you attended various schools, because many authentication security questions use this information (for accessing online bank accounts, for example).

- Your home address; a city and state should be more than enough on your resume.

- Your date of birth should also be unnecessary until you're offered the job. 

- Professional certifications and memberships: these can make it too easy for a thief to socially engineer you into opening an infected email from what you believe is a trusted source. 

- And keep your drivers license number to yourself as well.

But as the Monster data breach showed, the risk is not only that thieves will steal your personal information from an exploited database, but that they are now learning to use the stolen information to create phishing attacks on users.

In other words, using the stolen information to trick job seekers into providing even more personal information, participating in fraudulent schemes, or downloading information-stealing Trojans.