The data of 145 million users has been breached, as eBay Inc confirm that they have been compromised. Hackers have gained access to multiple forms of personal details, such as postal addresses, passwords and emails; users are being urged to promptly change their passwords.
eBay Inc have confirmed in an online announcement that they have been hacked and user information has been compromised.
The attack, which took place between late February and early March allowed hackers access to the names, e-mail addresses, encrypted passwords, postal details, phone numbers and date of birth of customers. The Daily Mail is reporting over 145 million users were affected and eBay is urging all users to change their passwords and to lookout for any suspicious activity on their accounts.
eBay were quick to reinforce that the breach did not have any impact on user’s PayPal or financial information. However, users who have blanketed passwords (you know who we’re talking about, you that has the same “favouritesportsteam+birthdate” password across multiple accounts) should be taking the time to go in and change all their passwords, particularly if baking details are involved.
‘After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorised activity for eBay users, and no evidence of any unauthorised access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.’ – eBayinc.com
A thorough root cause analysis hasn’t been offered by eBay; computer forensics experts the world over are eagerly awaiting to see exactly what went wrong.
The UK’s Daily Mail is reporting that the auction site initially thought customer data was safe.
‘For a very long period of time we did not believe that there was any eBay customer data compromised,’ global marketplaces chief Devin Wenig told Reuters in the first comments by senior executives since the company disclosed the breach this week.
‘When we found out that there was, we moved swiftly to disclose,’ he added.
Security experts the world over are also warning users about the potential risk of identity fraud. The personal information siphoned from the global online marketplace could be used to falsify data or to attack other online accounts. Users should be looking out for any suspicious activity on an online account they have and should be moving swiftly to change passwords, ensuring they are as long and complex.
Watch U.S late night talk show host, Jimmy Kimmel spoof the hack in the video below.
The eBay hack is the golden goose of online data simply because of the mass of data eBay takes on its users. Having different password across all of your accounts makes it more difficult for a hacker to mine your password from one site and then jump across to your bank, Facebook or Twitter account and hack those too.
Your kids’ names followed by your birthdate; your favourite band followed by the Summer of Love, passwords like these are too easy decipher even when encrypted. What you want is a combination of words, phrases, numbers, Capitals and symbols that are as long as possible.
Password managers generate strong, unique passwords for all your online access sites, which are then kept in an encrypted database which you can unlock using a single master password. Tools like LastPass are a great way to ensure you have multiple passwords but don’t have to remember them all.
If you’re a business and you’re worried about data leaks or hackers you can read more about penetration testing here.