Jump to content



Photo

eBay Hacked

ebay

  • Please log in to reply
20 replies to this topic

#1 #Michael

#Michael

    Neowinian Senior

  • 6,272 posts
  • Joined: 28-August 01

Posted 21 May 2014 - 13:53

http://www.nbcnews.c...-hacked-n110961

 

If you use it...go change your password!!


http://www.engadget....assword-notice/




#2 OP Max Norris

Max Norris

    Neowinian Senior

  • 5,154 posts
  • Joined: 20-February 11
  • OS: Windows 2012R2, 7, BSD Unix
  • Phone: HTC One (Work) Lumia 1020 (Home)

Posted 21 May 2014 - 13:51

SAN JOSE, Calif.--(BUSINESS WIRE)-- eBay Inc. (Nasdaq: EBAY) said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.

Information security and customer data protection are of paramount importance to eBay Inc., and eBay regrets any inconvenience or concern that this password reset may cause our customers. We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.

Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay's corporate network, the company said. Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers.

The database, which was compromised between late February and early March, included eBay customers' name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information. The company said that the compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company's announcement today.

The company said it has seen no indication of increased fraudulent account activity on eBay. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.

Beginning later today, eBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it also is encouraging any eBay user who utilized the same password on other sites to change those passwords, too. The same password should never be used across multiple sites or accounts.


http://investor.ebay...eleaseID=849396

#3 #Michael

#Michael

    Neowinian Senior

  • 6,272 posts
  • Joined: 28-August 01

Posted 21 May 2014 - 13:53

Seems to be genuine:

 

http://www.engadget....assword-notice/



#4 Andrew

Andrew

    Guardian

  • 25,368 posts
  • Joined: 14-September 03

Posted 21 May 2014 - 13:54

Topics merged



#5 OP Max Norris

Max Norris

    Neowinian Senior

  • 5,154 posts
  • Joined: 20-February 11
  • OS: Windows 2012R2, 7, BSD Unix
  • Phone: HTC One (Work) Lumia 1020 (Home)

Posted 21 May 2014 - 13:54

Yep, at least no financials were gotten, could have been much worse. See we posted at exactly the same time too, need a cleanup in aisle 3 for a merge.

#6 leesmithg

leesmithg

    The Major!

  • 9,493 posts
  • Joined: 11-August 04
  • Location: Kings Hill, West Malling, Kent, England.

Posted 21 May 2014 - 13:55

Let me think... Yes, the correct word is ''CRACKED'' not hacked.



#7 OP Max Norris

Max Norris

    Neowinian Senior

  • 5,154 posts
  • Joined: 20-February 11
  • OS: Windows 2012R2, 7, BSD Unix
  • Phone: HTC One (Work) Lumia 1020 (Home)

Posted 21 May 2014 - 13:57

Let me think... Yes, the correct word is ''CRACKED'' not hacked.

If you say so. Some of us hack a system and crack a program, but /shrug.

#8 #Michael

#Michael

    Neowinian Senior

  • 6,272 posts
  • Joined: 28-August 01

Posted 21 May 2014 - 14:00

Yep, at least no financials were gotten, could have been much worse. See we posted at exactly the same time too, need a cleanup in aisle 3 for a merge.

 

Looks like we both read the morning headlines and like to post...no biggie. :D



#9 +warwagon

warwagon

    Only you can prevent forest fires.

  • 27,194 posts
  • Joined: 30-November 01
  • Location: Iowa

Posted 21 May 2014 - 14:02

Two-Factor authentication FTW!

 

Also a good reason to lie on your security questions.

 

I've had it turned on ever since the PayPal football came out in what was it... .2007? At least in PayPal's Case.. In eBay's case it's when ever they started offering it.

 

At this very moment is why I love password managers. Change it in Roboform and it sends it to all my computers and devices.

 

Great... Paypal doesn't let me copy and paste passwords you have to retype it. Well with a password like (example) rlLe8EeSZ5R8 ...sooo much safer to paste it. I sure hope eBay lets me paste passwords.



#10 AStaley

AStaley

    Neowinian

  • 308 posts
  • Joined: 07-August 04
  • Location: United Kingdom
  • OS: Windows 8.1 Pro x64, OSX Mavericks, Elementary OS, Server 2008 R2/2012 R2, CentOS.
  • Phone: iPhone 6 (IOS8)

Posted 21 May 2014 - 14:03

Updated password, and changed PayPal just to be safe.  Probably should get around to setting up 2Factor...



#11 #Michael

#Michael

    Neowinian Senior

  • 6,272 posts
  • Joined: 28-August 01

Posted 21 May 2014 - 14:10

Two-Factor authentication FTW!

 

Also a good reason to lie on your security questions.

 

I've had it turned on ever since the PayPal football came out in what was it... .2007? At least in PayPal's Case.. In eBay's case it's when ever they started offering it.

 

At this very moment is why I love password managers. Change it in Roboform and it sends it to all my computers and devices.

 

Great... Paypal doesn't let me copy and paste passwords you have to retype it. Well with a password like (example) rlLe8EeSZ5R8 ...sooo much safer to paste it. I sure hope eBay lets me paste passwords.

 

Oh yeah.  Forgot that I turned that on many moons ago.  Went to reset my password and had to use two factor.  Now I am not so concerned.



#12 +warwagon

warwagon

    Only you can prevent forest fires.

  • 27,194 posts
  • Joined: 30-November 01
  • Location: Iowa

Posted 21 May 2014 - 14:13

Oh yeah.  Forgot that I turned that on many moons ago.  Went to reset my password and had to use two factor.  Now I am not so concerned.

 

Back in 2007 I told a guy I knew (still know) to buy one of those paypal footballs for $5 to secure his eBay account (I think eBay supported it back then) ... well he never did. Then one day he logged into his eBay account and it was in Chinese :laugh: ...even after that he STILL never turned on Two-Factor Authentication on eBay!



#13 leesmithg

leesmithg

    The Major!

  • 9,493 posts
  • Joined: 11-August 04
  • Location: Kings Hill, West Malling, Kent, England.

Posted 21 May 2014 - 14:20

If you say so. Some of us hack a system and crack a program, but /shrug.

To reveal a username and password, you crack it.



#14 Thief000

Thief000

    Neowinian

  • 1,414 posts
  • Joined: 24-December 05

Posted 21 May 2014 - 14:24

http://www.ebayinc.c...hange-passwords



#15 +LimeMaster

LimeMaster

    LippyZillaD Council ( ͡° ͜ʖ ͡°)

  • 11,042 posts
  • Joined: 28-August 10
  • OS: Windows 8
  • Phone: Nokia Lumia 920

Posted 21 May 2014 - 14:25

Password changed.