Massive Cyberattack Steals eBay Data
- By Ginger Hill
- May 21, 2014
Calling all 112 million “eBayers!” Looks like it’s your turn to change your passwords! eBay recently discovered a cyberattack that compromised one of their databases containing encrypted passwords. Encryption is safe, though, right? So, users should have nothing to worry about. Wrong! These passwords can be decrypted through publically available tools.
Other non-financial data was exploited, as well, such as names, email addresses, phone numbers, addresses and date of birth, but officials have noted that no other personal information was exposed. (I assume they're referring to credit card numbers because the non-financial data that was exploited is still personal information.)
Apparently the attack took place late February/early March when attackers got their hands on a group of employee log-in credentials that allowed access to the database housing encrypted passwords. It wasn’t until two weeks ago that eBay became aware of this breach due to a detailed forensic analysis.
But, don’t worry about PayPal data as it was not involved in eBay’s breach. Besides, PayPal data is kept on a separate network with higher levels of encryption.
It is highly recommended that all eBay users change their passwords immediately. Also, as a reminder, most of us are guilty of using the same password on multiple sites. If this is the case with your eBay password, be sure to change your passwords at those other sites too as a safety precaution.
Photo credit: 360b
Ginger Hill is Group Social Media Manager.