eBay database compromised, change your password now

Pierluigi Paganini May 21, 2014

The giant eBay suffered a serious data breach which exposed data in its database. Customer information, including personal data and password were violated.

The Giant Ebay is victim of data breach, during a cyber attack the hackers violated company database accessing to personal data and user credentials. In response to the incident the company is notifying its customers to change password to protect their account and financial information.

Ebay issued an official statement informing customers that company database was compromised between February and early March, the attackers accessed to customers’ data, including name, encrypted password, email address and other information.

The database, which was compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information. The company said that the compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company’s announcement today.

According the official statement the company has no evidence of increased fraudulent account activity on eBay, the compromised database “did not contain financial information or other confidential personal information.”

ebay hacked statement

The eBay statement also added that hackers compromised employee log-in credentials, the internal security team first detected the abuse about two weeks ago.

“Extensive forensics subsequently identified the compromised eBay database, resulting in the company’s announcement today.” Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network,” the company said.

Fortunately the attack hasn’t impacted data from PayPal, the payment company uses a separated database.

“For the time being, we cannot comment on the specific number of accounts impacted,” “However, we believe there may be a large number of accounts involved and we are asking all eBay users to change their passwords.” reported spokeswoman Kari Ramirez.

There isn’t an official estimation of the number of users affected, but consider that eBay has more than 128 million active users. This data breach could be one of the largest in the history, together to the incident occurred to Adobe last year and the attacks against retail giant Target,  each of these attacks affected more than 100 million of users.

Ebay is informing its users that it is investigating on the incident using the best forensics tools and practices to protect them.

Don’t waste time, if you are an eBay user, change your password urgently!

Pierluigi Paganini

(Security Affairs –  ebay, data breach)  



you might also like

leave a comment