Ebay Requests All Users To Change Passwords ASAP, Victim Of ‘Cyber Attack’

Attention all eBay users, go ahead and change your password to the auction site. Like, right now -- we'll wait. Take your time, we'll be here when you get back. Finished? Good! Don't worry, it wasn't an arbitrary exercise -- eBay later today will be sending out emails and posting notices asking you to change your password due to a security breach.

Some placeholder pages were spotted online by savvy web users that seemed to suggest a notice was forthcoming. The folks at The Wall Street Journal got in touch with eBay and found out that a cyberattack compromised a database containing encrypted passwords and other non-financial data.

eBay PayPal
Image Source: Flickr (Janitors)

According to eBay, extensive tests revealed no evidence of the compromise resulting in unauthorized activity for its users, nor was any evidence found that would suggest unauthorized access to financial or credit card information -- that information is stored separately in encrypted formats. Nevertheless, eBay will encourage users to change their passwords as a precaution and as a best security practice.

The data breach actually occurred back in late February and early March. Included in the compromised database were customer names, encrypted passwords, email addresses, physical addresses, phone numbers, and dates of birth. Those responsible gained access by using stolen employee log-in credentials, which was first detected about two weeks ago.

Since then, there hasn't been any increase in fraudulent account activity on eBay. That's to say the damage from the cyber-hijinks appears largely contained to compromising some user information, but nothing beyond that.

Show comments blog comments powered by Disqus