eBay spokeswoman Nichola Sharpe announced that the companys security experts have determined that its highly likely that whoever posted confidential information about 1,200 eBay members in the companys Trust & Safety discussion forum this week stole the data via an e-mail phishing scam and did not hack into eBay systems. eBay is working with law enforcement to take action against the fraudster, she said, while declining to answer whether the person has been identified or caught. Because the situation is delicate, eBay cant fully disclose the information it has gathered, she said.
eBay took the Trust & Safety forum offline about an hour after the fraudster began posting information like names, addresses, user IDs and, apparently, credit card numbers. Regarding the credit card numbers, eBay now knows they didnt belong to the affected members and is fairly certain that the numbers werent valid at all. "We have reason to believe this data was falsified to cause public concern," Sharpe said. As part of its investigation, eBay has contacted the affected users by telephone.
News source: InfoWorld