-
eBay tells users to change passwords after 'cyber attack'
Ebay urges users to reset passwords after cyberattack
Auction site’s database containing encrypted passwords and personal data has been hacked
Ebay asks customers to reset their passwords after a cyberattack compromised user information. Photograph: Niall Carson/PA
Auction site eBay may have been the target of the biggest-ever online break-in, after hackers broke into a database holding its 233 million customers' personal data.
The site says users should change their passwords after the break-in, which was detected two weeks ago. The breach did not affect financial information, but did affect a database holding customer names, encrypted password, email address, physical address, phone number and date of birth. Ebay hasn't clarified whether personal data besides passwords were encrypted.
In a statement, the auction site said that a database was compromised between late February and early March. PayPal, the payment arm of eBay, released a statement saying it was not affected.
The site has 233 million customers worldwide, and is one of the five biggest credit-card holding sites online. Of those, more than 14m are active in the UK.
The break-in was not caused through the "Heartbleed" flaw in internet servers that received publicity this year. Instead, the hackers "compromised a small number of employee log-in credentials, allowing unauthorised access to eBay's corporate network", the company said.
The attack is even bigger than that which affected the US retailer Target in December, when around 40m customer credit cards were stolen by hackers, who broke into the company's systems. The fallout from that led to the resignation of Target's chief executive in May.
It's also larger than the hack which hit 160m credit and debit cards over a six-year period led by a Russian gang and targeting thousands of bank accounts.
The software company also saw 150m customer passwords and emails leaked following a hack in November 2013.
“Information security and customer data protection are of paramount importance to eBay Inc, and eBay regrets any inconvenience or concern that this password reset may cause our customers,” said an eBay spokesperson. “We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.”
In through the corporate network
Ebay said it is investigating the compromise working with law enforcement and security experts.
The company said that there had been “no evidence of the compromise resulting in unauthorised activity for eBay users, and no evidence of any unauthorised access to financial or credit card information”.
Users will be prompted by email as well as on-site to change their passwords as a precaution, despite the stolen passwords being encrypted and showing no evidence of being compromised.
Shoppers who use the same password as eBay on other sites are encouraged to change those passwords too.
SOURCE: Hidden Content
Last edited by berley; 21-05-2014 at 05:32 PM.
Reason: to add source
gяσωιηg σℓ∂ ιѕ мαη∂αтσяу; gяσωιηg υρ ιѕ σρтισηαℓ.
If you would like to help with the running costs of the site click below
Hidden Content
Honesty is better than sugar coated bullsh!t
-
Post Thanks - 4 Thanks, 0 Likes
Bookmarks