EBay hacked

[Mousey]

You do not have permission to view link Log in or register now.

BOSTON/BANGALORE (Reuters) - EBay Inc said on Wednesday that a cyber attack carried out three months ago has compromised customer data, and the company urged 145 million users of its online commerce platform to change their passwords.

The company said unknown hackers stole email addresses, encrypted passwords, birth dates, mailing addresses and other information in an attack carried out between late February and early March. The files did not contain financial information.

An eBay spokeswoman said a large number of accounts may have been compromised, but declined to say how many....

 

[vinylweatherman]

So, they hid this for a couple of months before letting users know that it was serious enough to warrant them changing their passwords. Talk about shutting the stable door after the horse has bolted. Had the hackers intended using the information, they would have had two months of plundering before users started reacting by implementing preventative measures.

It seems that eBay wanted to keep what happened under wraps, but after two months were forced out into the open by some other circumstance. Maybe it was a case of them finding out that a third party was going to break the bad news, leaving them no choice but to get in first for damage limitation, rather than to protect users. By getting in first, they can at least take control of the PR.

eBay were lucky that the hackers did not do a great deal of damage in the two months, so they can at least downplay this as a "contained" breach that wasn't a significant threat to users.

 

[JackTenOff]

Don't think eBay could've handled this any worse, any reputable company would email users ASAP if there data/password was compromised as has happened many times in the past and will happen many times in the future.

 

[dunover]

This is old news. If you used encryption your end, then I don't think they even bothered asking you to change your password. Feebay does it again...