eBay Hacked, Urges All Members to Change Passwords Immediately

Yahoo ^ | May 21, 2014 | Jason O. Gilbert

[kingattax]

The online auction and sales giant eBay posted a message Wednesday morning saying that it had been hacked, urging all of its members to change their passwords.

The company said in a statement that a database containing encrypted passwords had been breached, but that financial data, including credit card information, was stored separately and was still safe. Hackers were able to gain access to eBay employee log-ins, eBay said, which in turn gave them access to the encoded passwords.

eBay says that no unauthorized transactions have yet been made with the information. But if you’re an eBay user, you still definitely need a new password.

“[C]hanging passwords is a best practice,” the statement said, “and will help enhance security for eBay users.”

[Extremely Extreme Extremist]

I just changed my password about an hour ago.

[gaijin]

changed mine, too.

[IllumiNaughtyByNature]

yep.

[luckymom]

Why don’t I see anything about this on their site?

[bunkerhill7]

my password is up for bid sale on ebay.

[Fai Mao]

“my password is up for bid sale on ebay.”

Various politicians have their votes on bid there too.

[captmar-vell]

thanks for the headsup

[Parley Baer]

What is to pervent Ebay from being hacked again and the new pass words stolen? I am going to wait a little bit before changing my password.

[Rashputin]

I don't see this when I go to Ebay and haven't received a message from them so it sounds to me like someone is trolling to get the unwary to go to a philsing site thinking they're changing their password when in fact their password is being captured.

Otherwise Ebay would have an alert out right when you sign in which they don't.

[HiTech RedNeck]

Having the database might or might not mean instant capability of using filched passwords. The closer your password is to a dictionary entry, the easier a cyberthief could crack it, however.

[steve86]

It is legit.

[HiTech RedNeck]

I checked my Ebay account and same thing... no warning. And yet it is on a major site, Yahoo. This is not on Fred’s Fabulous Blog.

[nascarnation]

If it’s fake news, they’ve done a great job.
It’s on all major internet portals.
Do a search of “ebay hacked”

http://www.cnet.com/news/ebay-hacked-requests-all-users-change-passwords/

http://www.cnbc.com/id/101692205

http://www.forbes.com/sites/jameslyne/2014/05/21/ebay-hacked-bleeds-data-why-you-need-to-act/

[steve86]

BTW, don’t link your Paypal account to your eBay account.

[Rashputin]

MSN has it as well but I'm still leary. When Ebay says to do so I'll be sure it's the real deal. Until then, it seems as much a risk to go change it as to let it sit and disconnect Paypal from your Ebay account until the facts are in.

JMHO

[nascarnation]

http://announcements.ebay.com/2014/05/ebay-inc-to-ask-ebay-users-to-change-passwords/

[Durus]

It is definitely on Ebay as an announcement. Further if you are typing in Ebay.com it is not a risk to change your password.

[Up Yours Marxists]

Just changed my password to the one I use for all my banks, credit cards, and Free Republic. If you see any suspicious posts using my account, this is OK. Send $15 to my Paypal account attention communists@money.hk.cn to unlock special features on your browser.

[Rashputin]

"Further if you are typing in Ebay.com it is not a risk to change your password."

While that may be true in this case that's sure not always the case. Target and Citibank as well as others were hit with a capture method that read what you typed on their real .com address in spite of HTTPS. Macht nichts, as they say, no guarantees either way.