PhotoHere's the latest in the never-ending chain of cyberattacks: eBay says it has been hacked and is asking its eBay and PayPal users to immediately change their passwords.

The company said that attackers compromised "a small number of employee log-in credentials," allowing unauthorized access to eBay's corporate network and compromising a database containing encrypted passwords and other non-financial data.

"After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats," eBay said in a statement, adding that "changing passwords is a best practice and will help enhance security for eBay users."

eBay said the affected database, which was compromised between late February and early March, included eBay customers' name, encrypted password, email address, physical address, phone number and date of birth.

The break-in was detected about two weeks ago, eBay said.

The company said it has seen no indication of increased fraudulent account activity on eBay. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.

eBay and PayPal users will be notified by email and asked to change their password. Also, anyone who used their eBay/PayPal password on other sites should change the password on those sites as well.

The same password should never be used on multiple sites.

eBay said it is working with law enforcement to try to identify those responsible for the break-in.


Share your Comments