eBay hack: Users asked to change passwords after cyberattack hits 145 million

Compromised data includes encrypted passwords, home addresses, email addresses, phone numbers and individuals' date of birth

If you are a user of online auctioneer eBay it’s time to change your password, after the company admitted it was the victim of what is thought to be the 2nd largest data breach in US history.

Internet security experts said eBay “had questions to answer” last night, as the firm provided few details about how hackers had slipped undetected into its databases.

In an embarrassing disclosure for the firm, which accounted for £126 billion of commerce online last year, it revealed that the breaches involved hackers accessing the details of up to 128 million users as long as three months ago, though the attack was not detected until much more recently.

"Our customers are our highest priority; and to ensure they continue to have a safe, secure and trusted experience on eBay, we will be asking all eBay users to change their passwords," the company told the Telegraph yesterday.

Industry experts have pointed out that the firm is viewed by hackers as the golden goose of targets, with its popularity and massive online reach making it a potential gold mine for cybercriminals.

However the company insisted that it had no evidence of “unauthorised activity” on its members’ accounts and that data on its PayPal money transfer service remained secure.

Despite this reassurance, eBay recommended that its users change their passwords as “best practise” and promised to “enhance security for eBay users”.

Security experts have been quick to point out the breach isn’t restricted to passwords though, with compromised information also including “unprotected” real-world data such as customer names, email addresses, addresses, phone numbers and dates of birth.

Professor Alan Woodward, an internationally respected cybersecurity expert at the University of Surrey, told The Independent: “That this has happed to a big company like eBay results in a collective sigh from everyone involved online security. It just shouldn’t happen.

“I infer from the statement from eBay that what has happened is that a small number of employees with privileged access have fallen prey to something like a phishing attack and inadvertently given away their login credentials. 

“However, for something as important as this database, it should take more than just username and password to access it. There should have been two-factor authentication. So, the question is was there and if there was how on earth did the hackers get past it? If not then eBay has some serious questions to answer.”

eBay has not provided any information about the kind of encryption it used to protect passwords, and experts such Prof Woodward have questioned why further personal information on the site was not encrypted at all, leaving the door open for “possible ID fraud” against affected users.

Brendan Rizzo, cyber security expert and the technical director at Voltage Security, a market leader in encryption technology, agrees that the “worrying aspect of this disclosure” was that eBay had left personally identifiable information “completely unprotected”.

He told The Independent: “This information would give the attackers almost all of the information they need to undertake fraudulent activity on a compromised user's behalf.  If data is left unprotected, it's not a matter of ‘if’ it will be compromised - it's a matter of ‘when’.”

This won't be the first time this year that Internet users have been asked to reset their passwords, with the Heartbleed bug, discovered in April, triggering widespread cybersecurity worries.

READ MORE: THE 25 WORST PASSWORDS REVEALED - IS YOURS ON THE LIST?
PROMOTED VIDEO
Life and Style
ebookNow available in paperback
Life and Style
ebooksA superb mix of recipes serving up the freshest of local produce in a delicious range of styles
News
video
News
people
Arts and Entertainment
Jimson Weed/White Flower No 1 by Georgia O'Keeffe
art
Sport
Robin van Persie leaves the field at the King Power Stadium last Sunday
football
Arts and Entertainment
tvPresenter back after daughter's Halloween accident
Arts and Entertainment
Martin Freeman and Benedict Cumberbatch as John Watson and Sherlock Holmes in Sherlock
tv

Co-creator Mark Gatiss dropped some very intriguing hints ahead of the BBC drama's return next year

News
people

London 'needs affordable housing'

News
In this photo illustration, the Twitter logo and hashtag '#Ring!' is displayed on a mobile device as the company announced its initial public offering and debut on the New York Stock Exchange on November 7, 2013 in London, England. Twitter went public on the NYSE opening at USD 26 per share, valuing the company's worth at an estimated USD 18 billion.
news

Arts and Entertainment
Timeshift: The Ladybird Books Story (9pm BBC4 Sun 22 Dec)
BooksLadybird drops branding books for boys and girls
Arts and Entertainment
music Band accidentally drops four-letter description at concert
News
news
Life and Style
tech
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Customer Service Executive

    £20000 per annum: Recruitment Genius: A Customer Service Executive is required...

    Ashdown Group: Junior SQL DBA - London - £39,000

    £37000 - £39000 per annum + benefits: Ashdown Group: SQL Database Administrato...

    Recruitment Genius: PHP Developer

    £26000 - £32000 per annum: Recruitment Genius: Expanding creative studio requi...

    Argyll Scott International: Senior Perl Developer

    £40000 - £45000 per annum + Benefits : Argyll Scott International: Senior Perl...

    Day In a Page

    US immigration: President Obama ready to press ahead with long-promised plan to overhaul 'broken system' - but will it get past a Republican-controlled Congress?

    Immigration: Obama's final frontier

    The President is ready to press ahead with the long-promised plan to overhaul America's 'broken system' - but will it get past a Republican-controlled Congress?
    Bill Cosby rape allegations explained: Why are these allegations coming out now? Why didn’t these women come forward earlier? And why has nobody taken legal action?

    Bill Cosby rape allegations explained

    Why are these allegations coming out now? Why has nobody taken legal action? And what happens next for the man once thought of as 'America's Dad'
    Four years of excruciating seizures caused by the 1cm tapeworm found burrowing through a man's brain

    You know that headache you’ve got?

    Four years of excruciating seizures caused by the 1cm tapeworm found burrowing through a man's brain
    Travelling to work by scooter is faster than walking and less sweaty than cycling, so why aren’t we all doing it?

    Scoot commute

    Travelling to work by scooter is faster than walking and less sweaty than cycling, so why aren’t we all doing it?
    Paul Robeson: The story of how an American icon was driven to death to be told in film

    The Paul Robeson story

    How an American icon was driven to death to be told in film
    10 best satellite navigation systems

    Never get lost again: 10 best satellite navigation systems

    Keep your vehicle going in the right direction with a clever device
    Paul Scholes column: England must learn to keep possession and dictate games before they are exposed by the likes of Germany and Brazil

    Paul Scholes column

    England must learn to keep possession and dictate games before they are exposed by the likes of Germany and Brazil
    Michael Dawson: I’ll thank Spurs after we win says defender as he prepares to return with Hull

    Michael Dawson: I’ll thank Spurs after we win

    Hull defender faces his struggling former club on Sunday ready to show what they are missing. But he says he will always be grateful to Tottenham
    Frank Warren column: Dr Wu has big plans for the professionals yet he should stick to the amateur game

    Frank Warren column

    Dr Wu has big plans for the professionals yet he should stick to the amateur game
    Synagogue attack: Fear unites both sides of Jerusalem as minister warns restoring quiet could take 'months'

    Terror unites Jerusalem after synagogue attack

    Rising violence and increased police patrols have left residents of all faiths looking over their shoulders
    Medecins sans Frontieres: The Ebola crisis has them in the headlines, but their work goes far beyond West Africa

    'How do you carry on? You have to...'

    The Ebola crisis has Medecins sans Frontieres in the headlines, but their work goes far beyond West Africa
    Isis extends its deadly reach with suicide bombing in Kurdish capital

    Isis extends its deadly reach with suicide bombing in Kurdish capital

    Residents in what was Iraq’s safest city fear an increase in jihadist attacks, reports Patrick Cockburn
    Underwater photography competition winners 2014 - in pictures

    'Mysterious and inviting' shot of diver wins photography competition

    Stunning image of cenote in Mexico takes top prize
    Sir John Major: Negative West End portrayals of politicians put people off voting

    Sir John Major hits out at theatres

    Negative West End portrayals of politicians put people off voting
    Kicking Barbie's butt: How the growth of 3D printing enabled me to make an army of custom-made figurines

    Kicking Barbie's butt

    How the growth of 3D printing enabled toy-designer to make an army of custom-made figurines