EBay 'cyberattack' prompts password change warning - Action News
Home WebMail Saturday, November 23, 2024, 05:39 AM | Calgary | -11.9°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Business

EBay 'cyberattack' prompts password change warning

E-commerce giant eBay Inc. is asking customers to change their passwords after a recent hack that the company says exposed customer names and passwords, but didn't manage to steal any financial information.

Company says no finanial information was stolen, but warns customers to change passwords

The new normal of cybersecurity

10 years ago
Duration 3:05
When eBay announced it had been hacked and personal info was compromised, the advice for shoppers remained the same: change your password

E-commerce giant eBay Inc. is asking customers to change their passwords after a recent hack that the company says exposed customer names and passwords, but didn't manage to steal any financial information.

The company says the attack happened between February and March when hackers accessed a database containingcustomer names, encrypted passwords, email addresses, birth dates, physical addressesand phonenumbers.

"Beginning later today [Wednesday] it will be asking eBay users to change their passwords because of a cyberattack," eBaysaid in a statement.

"The compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the companys announcement today."

PayPal not affected

The company saysit has found no evidence of any unauthorized access to financial or credit card information, or any fraudulent sales activity connected to the breach.

EBay says it has an "active investigation" into the matter and is working with law authorities, and as such can't comment on the number of customer accounts affected. For now, it is urging all customers to change their passwords as a precaution.

The company also owns electronic payment service PayPal, but eBay says there is no evidence PayPal information was hacked, since that information is stored separately on a secure network.

The breach comes on the heels of several high-profile online security scandals at other companies, includingTarget, which exposedthe customer data for 70million peoplelast fall. And in March, aworldwide web bug known as Heartbleedleft as many half a million websites vulnerable to being hacked because of a flawin a commonly used source code known as OpenSSL.

Ken Owen, a cybersecurityexpert at McMaster University in Hamilton, Ont., says eBay's just the lastest victim of a round of cyberattacks that are likely to become more and more common.

"It's better to take it on the chin and let people know that there's a problem than to try and disguise it," he says. "Every aspect of your business is tied to information technology now so, you're always vulnerable in that sense."

"You have to stay on top of this all the time," he says.