• November 27, 2014

EBay asks users to change password after breach

Print
Font Size:
Default font size
Larger font size

Posted: Thursday, May 22, 2014 9:03 am

NEW YORK — E-commerce site eBay is asking users to change their passwords after a cyberattack compromised a company database containing customers' names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth.

The company said Wednesday that there is no evidence that any financial or credit card information was stolen and no sign that the breach has resulted in unauthorized activity for its 145 million active users.

EBay says its investigation is active and it can't comment on the specific number of accounts affected, but says the number could be large.

Cyberattackers stole a small number of employee log-in credentials that gave access to eBay's corporate network, the company said. The San Jose, California-based company is working with law enforcement to investigate the attack.

The database was hacked sometime between late February and early March, but compromised employee log-in credentials were first detected two weeks ago.

EBay owns electronic payment service PayPal, but eBay says there is no evidence PayPal information was hacked, since that data is stored separately.

The attack follows several other high-profile data security incidents, including a massive breach at Target stores and the recent discovery of the "Heartbleed." computer security flaw. Heartbleed is a point of weakness in a key piece of security technology used by more than 500,000 websites that had been exposing online passwords and other sensitive data to potential theft for more than two years.

 

And during Target's data breach last year, hackers stole about 40 million debit and credit card numbers and personal information for 70 million people.

Shares of eBay Inc. fell 8 cents to $51.88 in Wednesday's trading.

© 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

More about

More about

Rules of Conduct

  • 1 Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
  • 2 Don't Threaten or Abuse. Threats of harming another person will not be tolerated. AND PLEASE TURN OFF CAPS LOCK.
  • 3 Be Truthful. Don't knowingly lie about anyone or anything.
  • 4 Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
  • 5 Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
  • 6 Share with Us. We'd love to hear eyewitness accounts, the history behind an article.

Welcome to the discussion.