eBay hacked, database breached and personal information compromised

Global auctioning site eBay has warned users to change their passwords in the wake of a recent cyber attack against the company. The popular service used by millions all over the world has suffered from a database breach, in which the safety of personal information such as names, passwords, and email addresses have all been compromised. The company has reassured that no financial information was contained within the database and neither was there any sign of a PayPal hacking. 

The attack itself occurred back in early spring in which cyber attackers gained access to a small number of employee's accounts; this resulted in unauthorized access to eBay's network, that enabled the criminals to obtain information from the database. A team of IT experts has been put to the task of a ruthless investigation, aiming to protect customers and their identities against further damage. 

The article quotes an eBay statement, saying: 

eBay regrets any inconvenience or concern that this password reset may cause our customers. We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.

eBay users will be told to change their passwords imminently, the alert will arrive through each registered email address, and the sites communication feature will also notify accounts of the predicament.

The company is responsible for $205 billion (USD) of commerce in 2013, as well as functioning in more than 1,000 cities around the globe. Although impressive stats, many users may feel vulnerable when shopping on the site in the future. As to how much of an effect this breach will have on the company's extensive success, only time will tell. 

Source: eBay via Business Wire 

Thanks Max Norris for the tip!

Report a problem with article
Previous Story

Xbox One external hard drive support coming in June system update

Next Story

Spotify now has 10m subscribers, a 100% increase in 18 months

46 Comments

View more comments

Well with PayPal, well in the U.K. when you change bank details they send a message to your bank, you then have to contact your bank and ask for the new code then you enter it an then can update and use PayPal.

leesmithg said,
Well with PayPal, well in the U.K. when you change bank details they send a message to your bank, you then have to contact your bank and ask for the new code then you enter it an then can update and use PayPal.

Last time I did that it wasn't a message sent to the bank, they actually made two small deposits into your bank account. You then typed those values into PayPal after checking your bank statement. It wasn't a message, and you didn't have to "contact" your bank per se.

Do you think eBay loves you? ;)
jk eBay I think is a fantastic service but yea It may of been attacked in awhile ago, an audit sometimes only discovers such things months later, that's on eBay to rectify their process

I haven't gotten an email from eBay about a password reset. Does this mean I wasn't affected or are they just slow?

Well I did just to be safe. But it is kind of disappointing that I have to rely on news reports of security breaches rather than eBay notifying me directly.

Enron said,
I haven't gotten an email from eBay about a password reset. Does this mean I wasn't affected or are they just slow?

I didn't get one either but I think it would be wise to assume that everyone is affected so definitely change your password. Unfortunately that doesn't help with them having our phone numbers, email addresses, home addresses, etc.

Am I the only one who is concerned that they now have names, email address, home addresses and phone numbers too?

Also, why weren't we alerted about this earlier?

I'm a little puzzled as to why they didn't tell people immediately.

I wonder if eBay UK is affected, since if their UK databases, etc, have been stolen eBay are going to be in trouble over here (we have very strict data protection laws).

I am!

"My address, phone number, and email aren't confidential data at all...0_o"

That's what I was going to post when I saw that...two freaking months. It's a good thing all those nice websites now have my information to sell to people wanting to locate my house and office.

...and internet-based companies get so angry or disappointed when people don't use them. Security of data? Hardly. There is a lot to be said about using the USPS.

I think it is inexcusable that eBay waited this long to tell anyone about this. I still haven't received any notification from them and would have known nothing about it if not for seeing it here on Neowin.

Thrackerzod said,
I think it is inexcusable that eBay waited this long to tell anyone about this.

Ditto that -- I haven't used my account in a couple years, zero email, nothing on the site, nada.. if you don't look at a news site chances are you'd still not know about it. Breaches happen, but dragging their feet this long to mention it is just negligent and borderline absurd.

"A team of IT experts has been put to the task of a ruthless investigation, aiming to protect customers and their identities against further damage"

Is Neowin being paid by eBay? This hack and lack of notice are just 2 more reasons not to trust the tat bazaar.

If all are smart you would also change your Paypal password to after all eBay dose own it as well just saying.

WTF! No email or message in my messages to change my password, I have to find out from Neowin. Also, I went to change my password on ebayand got this message:
'
"Page not available"

"Ebay is asking its users to reset their passwords due to the unauthorized access to our corporate information network. This may result in a delay of service due to the high traffic volume. We ask for your patience and that you return to eBay soon. In the meantime, please be assured that no activity can occur on your account until your password is reset."

Other than hacking, is there any other way to know the passwords in asterisk? I've heard that Micro keylogger can record password. Is that true?

Commenting is disabled on this article.