eBay data compromised - Change your Passwords

Status
Not open for further replies.

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
eBay Inc. said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data.

After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats.

However, changing passwords is a best practice and will help enhance security for eBay users.

What was compromised?

Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network, the company said.​

When it happened?

The database, which was compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information. The company said that the compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company’s announcement today.​

Is PayPal safe? Yes

The company said it has seen no indication of increased fraudulent account activity on eBay. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.​

When should I change my password(s)? Immediately

Beginning later today, eBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it also is encouraging any eBay user who utilized the same password on other sites to change those passwords, too. The same password should never be used across multiple sites or accounts.​
 
I

illumination

included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth.

Not only do they now know where you live, but have just enough information to make all the fake accounts they wish too..
would like to know how the financial information which would be tied to each individual account was not included in this.

P.S. thanks for the heads up, just went in and changed the password..
 
Last edited by a moderator:
  • Like
Reactions: Ink

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,222
You'd thought from a big company like eBay they would have measures that would prevent this, guess I was wrong.

Already found out about this, from a mate down in NSW, changed mine already.
 
  • Like
Reactions: Ink
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top