Web giant eBay is encouraging all its users to change their passwords after it suffered from a cyber-attack. The US auction site has revealed its database was hacked back in late February or early March.
During the attack the website lost encrypted passwords and other non-financial data which shouldn’t be too much of a problem. eBay said there’s no evidence of the information being used on member’s accounts but still urged users to change their passwords.
The firm said changing passwords is the “best practice and will help enhance security for eBay users".
It’s though an email will be sent round before the end of the day on Wednesday 21 May to encourage users to switch passwords now. The site currently has 128 million active users.
How exactly was the website compromised? The corporate site for eBay posted explaining the attackers gained access through "a small number of employee log-in credentials".
eBay was only made aware of the compromise a fortnight ago, but it begs the question why eBay has waited 2 whole weeks to inform users of the attack.
The post explained the database “included eBay customers' name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information.”
PayPal, which is owned by eBay, is safe as it’s a separate division and the data was stored separately.
So the advice is to jump into eBay now and change your password manually. An email will be sent round later today to explain to do it but it’s best just to do it of your own accord ASAP. You’ll find it under your personal information.
Are you annoyed about the eBay breach? Why do you think eBay waited 2 whole weeks to reveal what had happened? Let us know your opinion in the comments below?
by jamesp via Featured Articles
Posts
No comments: