Skip to comments.eBay Hacked, Urges All Members to Change Passwords Immediately
Posted on 05/21/2014 4:43:38 PM PDT by kingattax
The online auction and sales giant eBay posted a message Wednesday morning saying that it had been hacked, urging all of its members to change their passwords.
The company said in a statement that a database containing encrypted passwords had been breached, but that financial data, including credit card information, was stored separately and was still safe. Hackers were able to gain access to eBay employee log-ins, eBay said, which in turn gave them access to the encoded passwords.
eBay says that no unauthorized transactions have yet been made with the information. But if youre an eBay user, you still definitely need a new password.
[C]hanging passwords is a best practice, the statement said, and will help enhance security for eBay users.
(Excerpt) Read more at yahoo.com ...
I just changed my password about an hour ago.
changed mine, too.
Why don’t I see anything about this on their site?
my password is up for bid sale on ebay.
“my password is up for bid sale on ebay.”
Various politicians have their votes on bid there too.
thanks for the headsup
What is to pervent Ebay from being hacked again and the new pass words stolen? I am going to wait a little bit before changing my password.
Otherwise Ebay would have an alert out right when you sign in which they don't.
Having the database might or might not mean instant capability of using filched passwords. The closer your password is to a dictionary entry, the easier a cyberthief could crack it, however.
It is legit.
I checked my Ebay account and same thing... no warning. And yet it is on a major site, Yahoo. This is not on Fred’s Fabulous Blog.
If it’s fake news, they’ve done a great job.
It’s on all major internet portals.
Do a search of “ebay hacked”
BTW, don’t link your Paypal account to your eBay account.
It is definitely on Ebay as an announcement. Further if you are typing in Ebay.com it is not a risk to change your password.
Just changed my password to the one I use for all my banks, credit cards, and Free Republic. If you see any suspicious posts using my account, this is OK. Send $15 to my Paypal account attention firstname.lastname@example.org to unlock special features on your browser.
While that may be true in this case that's sure not always the case. Target and Citibank as well as others were hit with a capture method that read what you typed on their real .com address in spite of HTTPS. Macht nichts, as they say, no guarantees either way.
Gee, you’d think Ebay could email us or contact us members
directly about a security breach? It’s not like they have no
way to find us....Right?
This supposed breach of security allededly happened
months ago. I call B.S. on this.
I’ve never read that Citi was hacked. Target wasn’t hacked as much as an admin password was “found”, regardless they read passwords directly from databases, not through users password field entry.
I went to my ebay account and had a “message” ... there were two notices; one that we’re going to ask customers to change PW; the next, we are asking. Says they think the hacking was done in Feb/Mar. I changed my ebay PW early May, so may just stick with what I’ve got.
Could not change mine, forgot it.
People with privilege logging in remotely having their passwords captured was the root of the problem.
My daughter is finishing up her Masters in Computer Forensics and Security and got all this from a lecture she attended recently, beyond that I don't recall the specifics. I'll take her word as being correct, you take my word as being BS, we'll both be happy.
I put 15 bucks in the mail with attn: Up Yours Marxists written on each 5 dollar bill. I’m sure it will get to you soon.
Don't you hate when that happens? There are times when I tried for weeks to remember a password, trying every variation of a common set of characters and phrases I use. For eBay, I haven't changed my password for a dozen years now. Guess it's time, as long as I record it in a safe place (which I will misplace).
They're also taking their time sending that message out, too, although I guess they batch them out or something. I change my passwords every month or so anyway and my current one is less than a month old.
Once we shoot 90% of the lawyers and impose real costs and penalties on those who file fraudulent damage claims some company will be honest enough to just say, "we had our security improperly configured last Tuesday so everyone should probably change their password just in case we were hacked last Tuesday".
Until then, I guess they play CYA with a "we think we were hacked a few months back" message.
Prolly best to request a new temporary password right away by selecting “Forgot Password” during the login process.
Thanks for the heads up! Changing mine right now.
I’ve tried to change my password for an hour. You have to receive a notice in your email in order to complete the reset. Mine has not come. They have my email address blocked out for the most part in their message, but the last part of it is wrong. I wonder if it was sent somewhere else, or that is part of the hacking scheme.
Anybody else having this problem. Or what else can I do?
When I went to the site to change my password (and I did see a notice at the site that I should change my password, though I never got one in my email — thanks, eBay!), I was not able to change it on my first attempt. A notice popped up that if I needed help with my password changing, to contact Customer Service. I imagine if you toodle around on the site for a while (be sure to check the very bottom of pages, since that’s where they put the stuff they don’t want you to see) you can find Customer Service and get them to help you. Luck!
Best of luck to your Daughter. It's a crazy (sometimes literally) industry.