May 22, 2014 - Tyler, Texas - Earlier this week, eBay asked all of its 112 million users via email, site communications and other marketing channels to change their password. As a best practice, BBB is reminding consumers to change their passwords for eBay as well as on other sites.
In February through early March, cyber attackers gained access to the eBay corporate network by compromising a small number of employee login credentials, allowing unauthorized access to eBay's corporate network. While the compromised database included eBay customers' name, encrypted password, email address, physical address, phone number and date of birth, the database did not contain financial information or other confidential personal information.
The company said it has seen no indication of increased fraudulent account activity on eBay. There also seems to be no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted. The company is currently working with law enforcement and leading security experts to further investigate the matter and protect customers.
“The same password should never be used across multiple sites or accounts”, said Mechele Mills, President and CEO of BBB Serving Central East Texas. “Using different passwords on different sites and changing them often may make it difficult for the user, but it also makes it more difficult for cybercriminals.”
BBB offers the following advice for what to do if you are notified that your information has been compromised in a data breach:
For more information on how to be a savvy consumer, go to bbb.org. To report fraudulent activity, please call the BBB Hotline: (903)581-8373.