If you have an eBay account, it’s time to change your password. The company released a statement today saying its internal and customer databases were compromised earlier this year, and starting today it will prompt everyone to change their passwords.
Attackers made off with names, addresses, email addresses, phone numbers, birth dates, and of course, encrypted passwords. eBay explained that financial info including credit card numbers and other sensitive data (like PayPal account details) are kept in a separate encrypted database which wasn’t compromised. They also said they have found no evidence of unauthorised access or activity by registered eBay users — which is code for “we don’t think anyone’s used these passwords yet”. According to the statement, intruders compromised employee accounts first, and used their access to get the data they really wanted. eBay discovered the breach about two weeks ago, but the actual attack took place back in late February and early March.
[related title=”EBAY STUFFS UP” tag=”ebayoops” items=”1″]To change your eBay password, log into your account, then click your name in the upper left corner. Select Account Settings. Click “Personal Information” or “Business Information” on the left side of the page, and “edit” next to your password.
As always, if you use the same password on multiple sites, first, change those too, and second, stop using the same password on multiple sites. Instead, use a password manager that generates and remembers strong passwords for all the sites you use around the web. You can read eBay’s full statement at the link below.
eBay Inc. To Ask eBay Users To Change Passwords [BusinessWire via Boing Boing]
Comments
3 responses to “eBay Hacked, Change Your Passwords Now”
Their website has crashed (well the account section anyway) i cannot get through to change my password. I’m sure they were planning on warning us but they needed time to prepare for the massive hit on their site.
Does this apply to eBay Australia?
Absolutely — it’s a single system.
Paypal got hacked too – they bought stuff on my Ebay account and paid for it with my Paypal account. And I had different passwords for both!
What did they buy?
who gives a shit? ooouuuu they got my address OH NO! Seriously if your credit card details weren’t obtained then i don’t see the big deal