Revealed today, May 21, 2014, that
eBay Inc. (Nasdaq: EBAY) said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.
What and when did it happened?
Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network. With that access, they got their hands on the data they really wanted. The compromise was discovered about 2 weeks ago but the real attack took place back between late February and early March.
What’s been compromised?
The database that contains eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth.
Fortunately, the database that was compromised did not contain financial information or other confidential personal information. Therefore, no need to worry about your PayPal account for the time being.
What should we do?
Simple as usual, if you are an eBay user, time to change your password.
To change your eBay password, log into your account, click your name in the upper left corner. Select Account Settings. Click Personal Information on the left side of the page, and Edit next to your password.
If you don’t use eBay but do use PayPal, don’t bother.