For hundreds of thousands of eager job hunters out there, one of the quickest way to get their resumes out to perspective employers is using the online job site from Monster Worldwide (NASDAQ: MNST), Monster.com.

It all seems easy enough; just post your resume and wait for the job offers to roll in. Well, it has been discovered that hackers have cracked into the site's database in order to garner personal information that could help them tailor targeted "phishing emails" to the site's users.

"Phishing" is a long running problem for unsuspecting internet users, where users get e-mails -- seemingly from respected companies -- that convince them to log into various sites and turn over personal information. The most lucrative phishing programs come to users from sites pretending to be bank institutions, or large internet sites such as eBay.com. These try to get the users to log onto the sites and update passwords, or something similar.

TJX Cos. (NYSE:TJX) has admitted that hackers stole 45.7 million credit and debit cards from its computer network over an 18-month period in what one analyst described as the biggest theft of its kind ever, according to the Associated Press.

The owner of TJ Maxx and Marshall's, which first disclosed the thefts more than two months ago, outlined the extent of the problem in a filing with the Securities & Exchange Commission, the AP said, adding that 45,000 customers who returned merchandise also had their personal data stolen.

This is a public relations disaster.

The company should have disclosed to customers as much information as it could in January without jeopardizing any investigations. People would've grumbled, but they would have understood the situation because computer thefts are a fact of modern life.

Since the company waited to disclose the extent of the problem, TJX made customers even angrier than they would have been otherwise. Winning them back won't be easy.

It's no wonder that the company is being sued by invidiudals and investigated by the Federal Trade Commission.

The lesson here for companies is that it's a bad idea to bury bad news in an SEC filing. That information is easily accessible and somebody will read it eventually.

I can't remember when I last used a human broker.

A recent article in the Washington Post, however, points out certain risks involved in online trading. For example, in the third quarter, E*Trade suffered losses of $18 million because of hackers, mostly from Eastern Europe and Thailand. The company is not alone. TD AmeriTrade also had losses, but the amount was not disclosed.

Interestingly enough, the frauds are a new form of pump-and-dump. That is, a hacker takes over a customer's account and buys certain micro-cap stocks, allowing for a quick payday.

How do these hackers accomplish all this? It looks like they use spyware, which is often secretly installed on computers at libraries, airports and other public places.

The good news is that online brokers are making their customers whole. However, the law does not require them to do so.

I interviewed Scott Mitic, who is the CEO of TrustedID, a company that develops software to combat identity theft. According to him, "The increase in brokerage account fraud just shows that the target is always moving, as identity thieves hone in on the next easy target. It's a game of whack-a-mole; the thieves pop up tomorrow where no one is looking today. The lesson for American consumers is to be vigilant. Double-check URLS when logging into accounts. Use recently updated anti-spyware software. Don't trust any email you get from a bank. Avoid giving personal information to anyone who calls you, even if your caller ID appears to identity the caller as a company you know and trust. We're in an era where the problem isn't going to go away; as consumers we all just need to get smarter."

Tom Taulli is the author of various books, including the Complete M&A Handbook and operates InvestorOffering.com.