EBay Database Hacked

May 22, 2014

EBay Database Hacked

Lubbock, TX: Better Business Bureau® serving the South Plains of West Texas is warning consumers that E-commerce site eBay is telling users to change their password after a cyber-attack took hold of a database with passwords.

In a post on its website, the online company says it has no knowledge of users’ financial information having been stolen or misused, despite the theft of names, addresses, phone numbers, telephone numbers and birth dates. Unlike basic user information, financial information is encrypted.

The breach was discovered two weeks ago by the company. The company said it has seen no indication of increased fraudulent account activity on eBay. EBay also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network.

EBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it also is encouraging any eBay user who utilized the same password on other sites to change those passwords, too.

This is only the latest in a series of high-profile attacks that hit retailers Target, Niemen Marcus and others, as well as AOL last month.

The BBB offers some password strategy tips:

•Base the password on a mnemonic, such as an easily remembered phrase. Take the first letter of each word in the phrase and add a few characters. Example: “Seek first to understand” would look like sftu8@.

•Let applications like Hitachi ID Password Manager select a safe password for you.

•Use six characters or more.

•Mix upper and lower case letters. Don’t use personal information or dictionary words. Hackers use software to enter random dictionary words to help them determine your password.

•Avoid substitutions such as replacing l or i with the digit 1. The hackers’ software will figure that out immediately.