EBay urges users to change passwords after cyber-attack comes to light

EBay has urged its users to change their passwords as soon as possible, as a cyber-attack has compromised one of its corporate databases.

The company said the attack on its database occurred sometime between late February and early March. The database in question contained encrypted passwords and non-financial data. The U.S. firm further said that it found no evidence of unauthorized activity on its users' accounts, but password changes are nonetheless recommended just to be on the safe side.

"eBay Inc. said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data," reads a post published Wednesday, May 21, on eBay's corporate site.

"After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users."

The company further notes that cyber attackers did obtain "a small number of employee log-in credentials," which allowed them to access its systems. Although the hack likely occurred in late February or early March, eBay became aware of it only a couple of weeks ago.

While the database that was compromised did not contain any financial information, it did include eBay users' name, encrypted passwords, email addresses, physical addresses, phone numbers, and dates of birth. In other words, some information was still compromised, although it did not contain financial data.

"Extensive forensics subsequently identified the compromised eBay database, resulting in the company's announcement today," added eBay.

The firm also owns the popular PayPal money transfer service, but eBay said that data for this division was stored separately and encrypted, and it found no evidence that it had been accessed. On the other hand, any eBay users who used the same login details for both eBay and PayPal are advised to change their PayPal passwords as well.

All eBay users should receive email notifications starting today, May 21, and eBay will also alert users of this issue via site notifications and other marketing channels.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics