Posted on 09/26/2007 7:25:05 AM PDT by publana
http://forums.ebay.com/db2/thread.jspa?threadID=1000565444&start=0
Ebay was hacked today. Users complete credit card information was being posted today on eBay's Trust and Safety board including name, cc number, CCV, paypal info, etc. It took eBay over 90 minutes to finally pull down the Trust & Safety server to remove the publicly posted information. If you have an eBay or PayPal account, you might want to monitor the above link.
From whence cometh your info?
There are almost as many scam emails for eBay and/or PayPal as there are Nigerians.
Did this "Alert" come via an email?
Should I contact PayPal, as they have the CC info.
Almost 100% of the time is a phishing E-Mail.
bump
TomGuy,
You should forward the email to:
The are working hard to try to track down and stop all the phishing and spoofing.
Ping to self for monitoring. My name is not on the list, per post #9, but I wonder if Ebay will make any kind of formal announcement about the breach. Seems like they are obligated to do so to help their customers combat the fraud.
Google news search on ebay + hacked shows several news articles about it.
http://news.google.com/news?hl=en&ned=us&q=ebay+hacked&btnG=Search+News
ping
If you didn’t do any buying on ebay yesterday, then you’re not in danger anyway.
It probably wasn’t a hack, but a data transfer error. That’s why it took so long to terminate.
ugh. my name is not on the list but im going to assume it’s been taken. time to call my credit card company.
It was 1200 names running from a script every 15 minutes on their safety forum.
http://www.channelregister.co.uk/2007/09/25/ebay_account_details_published/
“If cc info was in paypal, how would hacking ebay get that info?
Or do some people put cc info into ebay itself?”
Ebay now owns PayPal.
But neither one will ever send you an e-mail asking for updated information because any information you entered when you registered is kept indefinately, unless you go directly to their website and update it yourself.
ANYTIME you get any e-mail claiming it is from either Ebay or PayPal, go directly to their websites and check whether you have any new ‘messages’ there. If you don’t, then the E-mail is nothing more than ‘Phish’ mail trying to get your credit card and account information.
Copy the entire email and send it to Ebay, or ignore it and block the senders address.
I often get those emails and I don't even have a PayPal or eBay account. *delete*delete*delete*
It happened. The main suspect is Vladuz, a well known cracker of Eastern European origin (Russian, Romanian).
Ebay is making phone calls to the affected ID’s, but at this time there is no evidence that the credit information was accurate or valid. The cracker looks to have been trying to create negative publicity and anxiety in the user base. Great way to start the “sell” season.
Ebay claims it was not hacked, but that the information came from phished accounts.
It was announced in the obscure eBay Chatter (eBay usually releases bad news this way) and also discussed in the AuctionBytes blog and several private forums for professional ebay sellers.
Ebay shut down the Trust and Safety forum and scrubbed references to it from many of the other ebay forums they host, as per their usual sweep it under the rug and hope it goes away SOP.
I can’t believe you pulled this from breaking news. That is the only way that I learned of this extremely important information. Please put it back in breaking. I does matter a lot to some people. Ebay certainly isn’t forthcoming with the info.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.