eBay today asked all its users to reset their passwords after confirming a cyber-attack on Wednesday. At first the company posted an unclear message about the security incident on PayPal’s community homepage and press page (which was later removed silently). The unclear announcement was picked up by Engadget. Later on, eBay officially confirmed that it’s a victim of a cyber-attack that “compromised a database containing encrypted passwords and other non-financial data.” The company now asks all its users to reset password of their eBay accounts.
eBay Security Breach Information
The company confirmed about the security breach, said, a small number of eBay employees accounts were compromised. The compromised eBay accounts allowed cyber attackers unauthorized access to eBay’s corporate network. The database compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth.
eBay confirmed that the no financial information or other confidential personal information was in the compromised database. The cyber attackers got in the system through a few compromised employee log-in credentials.
The company confirmed that PayPal’s database was not affected by the hack attack. All the financial data of PayPapal is encrypted. Also, all PayPal data is stored separately on a secure network. All eBay Marketplaces (ebay.com) accounts are compromised but the company have no evidence of unauthorized access to other sites that are operated by eBay Marketplaces such as StubHub, eBay Classifieds, Tradera, Gmarket, GumTree or GittiGidiyor.
eBay users will receive a notification about the incident via email, site communications and other marketing channels. The notice will urge all users to change their password. In addition, the company is also going to ask users to change their password on other sites where they may used the same password.
You may refer to the articles below for some good security tips!
Source: eBay Inc.