According to reports published online, Internet auction giant eBay was hit with a massive security breach that potentially affects millions of customer accounts. According to the company, the breech was discovered earlier this month. Customer data was likely stolen as early as February or March. eBay boasts a user base of over 145 million. The company has not specified how many of these users have been affected, but say the number is large.
The security breach, the largest in eBay history. Industry insiders say attackers gained access to encrypted customer information after obtaining employee log-in credentials.
On eBay's website (although buried in a section of the site most users won't find), the company said that no financial data was compromised. eBay also claims that Paypal, an eBay subsidiary, and the largest payment processing service on the internet, was not compromised in the hack as its files are stored separately on a secured network. Additional eBay affiliate sites, such as StubHub, eBay Classifieds, Tradera, GMarket, GumTree and GittiGidiyor were also unaffected by the breach.
eBay also plans to send each of its users an email explaining the situation later today.
In response to the intrusion, eBay has contacted federal law enforcement and is asking customers to change their login credentials immediately. Also, if you use your eBay password on other internet sites, the company recommends that you change those passwords as well.
What customer information was accessed?
eBay representatives claim the information stolen included the following:
- Customer name
- Encrypted password
- Email address
- Physical address
- Phone number
- Date of birth
eBay believes that they have shut down unauthorized access to their site and have put additional security measures in place to stop a repeat of the breach. The company also reiterates that it has strong protections in place to protect buyers and sellers in the event of any fraudulent activity on compromised accounts.