The latest online network and website to be hacked with personal information stolen from users is eBay. The eCommerce company is asking its users to change their passwords and other personal information they have stored on their profiles. This includes email addresses, names, physical addresses, phone numbers and dates of birth.
Readers may recall this isn't the first time such a large company got hacked and its website compromised. Bit.ly was suspected of having a similar problem not too long ago, for instance, where its website was possibly hacked and also urged its users to change their personal information.
However, the scope that eBay is dealing with is much greater than Bit.ly or other latest attacks. The eCommerce company has a user base of 145 million and any of their accounts may have been compromised.
"We are working with law enforcement and leading security experts to aggressively investigate the matter," the company says.
What may be a relief to anyone with an eBay account is that the compromise is said to not have revealed any financial information. So bank information, credit card numbers and linked Paypal accounts should be safe from the perpetrators. This is because the data is stored on a separate and encrypted network.
"eBay regrets any inconvenience or concern that this password reset may cause our customers," the company says. "We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace."
It is certainly a relieve that eBay had encrypted and put financial data on separate networks or servers than the rest of the personal information users inputted into the system. Security really needs to come in multiple layers these days and the largest companies that have the most to lose should take every precautions they can.
What is disappointing and worrisome is that the attackers breached eBay in some matter a few months ago; while eBay discovered this breach two weeks before this major attack occurred. It is a bit worrisome that eBay wasn't able to stop them in their tracks.
"That's a long time for an attacker to be in your network," says Tyler Shields, a security analyst at Forrester Research. "I'd be very concerned about the continued [presence] of the attacker and what else they may have taken."