Ebay Hacked
05-21-14, 10:57 AM
#1
DVD Talk Gold Edition
Thread Starter
Ebay Hacked
The online auction and sales giant eBay posted a message Wednesday morning saying that it had been hacked, urging all of its members to change their passwords.
The company said in a statement that a database containing encrypted passwords had been breached, but that financial data, including credit card information, was stored separately and was still safe. Hackers were able to gain access to eBay employee log-ins, eBay said, which in turn gave them access to the encoded passwords.
eBay says that no unauthorized transactions have yet been made with the information. But if you’re an eBay user, you still definitely need a new password.
“[C]hanging passwords is a best practice,” the statement said, “and will help enhance security for eBay users.”
In the statement, which was unsigned, eBay said that the attack took place between late February and early March. Though the passwords that the hackers gained access to were encrypted, or obscured by a code to prevent easy reading, eBay did say that the hackers were able to access members’ names, email addresses, physical addresses, phone numbers, and dates of birth.
The real takeaway from this: Change your eBay password (go to My eBay and open the Personal Information link you’ll see on the left). If you use the same password on multiple sites, you’ll need to change those passwords, too, should the hackers successfully break the encryption.
The company said in a statement that a database containing encrypted passwords had been breached, but that financial data, including credit card information, was stored separately and was still safe. Hackers were able to gain access to eBay employee log-ins, eBay said, which in turn gave them access to the encoded passwords.
eBay says that no unauthorized transactions have yet been made with the information. But if you’re an eBay user, you still definitely need a new password.
“[C]hanging passwords is a best practice,” the statement said, “and will help enhance security for eBay users.”
In the statement, which was unsigned, eBay said that the attack took place between late February and early March. Though the passwords that the hackers gained access to were encrypted, or obscured by a code to prevent easy reading, eBay did say that the hackers were able to access members’ names, email addresses, physical addresses, phone numbers, and dates of birth.
The real takeaway from this: Change your eBay password (go to My eBay and open the Personal Information link you’ll see on the left). If you use the same password on multiple sites, you’ll need to change those passwords, too, should the hackers successfully break the encryption.
https://www.yahoo.com/tech/ebay-hack...405258249.html
05-21-14, 11:44 AM
#2
DVD Talk Legend
Re: Ebay Hacked
Yep, saw that. With all these hacks, people might as well just change all their passwords every few months like they should be.
I don't have an eBay account, though.
I don't have an eBay account, though.
05-21-14, 02:31 PM
#3
DVD Talk Hero
Re: Ebay Hacked
Ugh. This is more of a hassle than anything. I'm skeptical that anyone will lose money. But it's a hassle for a lot of people.
Someone stole my business banking account # a year ago. For a few months, there were 5-10 daily calls, from stupid Craigslist users, who wanted to "check the validity" of the check they received. For a small business, it can really take away from productivity time.
The worst part is that the people who reply to those scams are usually total morons. So you have to talk to 5-10 total morons per day. Conversations ranged from "thank you for your time and good luck with fixing your problem" to "fuck you, I'm depositing the check and someone is going to be sued if it bounces" or "I'm reporting this to the FBI".
Ebay will find a way to program in a simple "forced password reset" during login ... within the next two years. They're too large to fix problems quickly. Many people would find it hard to believe how many inefficient and nonsensical problems exist in Ebay's system.
Someone stole my business banking account # a year ago. For a few months, there were 5-10 daily calls, from stupid Craigslist users, who wanted to "check the validity" of the check they received. For a small business, it can really take away from productivity time.
The worst part is that the people who reply to those scams are usually total morons. So you have to talk to 5-10 total morons per day. Conversations ranged from "thank you for your time and good luck with fixing your problem" to "fuck you, I'm depositing the check and someone is going to be sued if it bounces" or "I'm reporting this to the FBI".
Ebay will find a way to program in a simple "forced password reset" during login ... within the next two years. They're too large to fix problems quickly. Many people would find it hard to believe how many inefficient and nonsensical problems exist in Ebay's system.
05-21-14, 03:05 PM
#4
DVD Talk Hero
Re: Ebay Hacked
Wonderful, the same secure password that had worked for me on eBay since 1998, now has to be changed. Companies really don't care about their computer security that much, or simply aren't willing to pay for it.
Last edited by PhantomStranger; 05-21-14 at 03:25 PM.
05-21-14, 05:02 PM
#5
Re: Ebay Hacked
For such a massive company that makes MILLIONS off people's merchandise you would think they would keep it locked down when it comes to users private information. 
05-21-14, 09:30 PM
#6
DVD Talk Hero
Re: Ebay Hacked
The amount of info stolen this time is quite disturbing. They have everything necessary to open up fraudulent credit card accounts and other uses of identity theft. This appears to be worse than the smaller breaches at WBshop and others.
05-21-14, 10:23 PM
#7
DVD Talk Hall of Fame
Re: Ebay Hacked
Hopefully this will add fuel to the fire to those who feel Ebay is rapidly failing as a company (due to avarice and greed), and MAYBE provide the seeds for some more competition in the online auction area.
This breach just provides further proof that Ebay doesn't really care about their customer database, but of course nickel and diming us with increased fees is paramount. Filling the CEO's pockets is #1.
What is millions of customers' time worth? Very little, according to Ebay. Yes, we should all change passwords regularly, but we still expect more robust encryption that what Ebay apparently has been using.
This breach just provides further proof that Ebay doesn't really care about their customer database, but of course nickel and diming us with increased fees is paramount. Filling the CEO's pockets is #1.
What is millions of customers' time worth? Very little, according to Ebay. Yes, we should all change passwords regularly, but we still expect more robust encryption that what Ebay apparently has been using.
05-21-14, 11:26 PM
#9
DVD Talk Gold Edition
Re: Ebay Hacked
Wait...they were hacked in Feb/March and we are just learning this NOW?
Is there even one company anymore that gives a good shit about consumers?
Is there even one company anymore that gives a good shit about consumers?
05-22-14, 02:44 AM
#12
DVD Talk Legend
Re: Ebay Hacked
This is kind of annoying. I go to my account settings so I can change the password, but they make me enter my email address or username so they can reset the password instead.
Why can't I just change it there? It's not as if I'm going to use whatever they automatically assign me. It's been at least 15 minutes and I haven't received any email.
Edit: never mind, I'm an idiot. It's there to keep an attacker from changing your password and locking you out of your account.
Why can't I just change it there? It's not as if I'm going to use whatever they automatically assign me. It's been at least 15 minutes and I haven't received any email.
Edit: never mind, I'm an idiot. It's there to keep an attacker from changing your password and locking you out of your account.
Last edited by Drexl; 05-22-14 at 03:02 AM.
05-22-14, 08:14 AM
#13
Moderator
Re: Ebay Hacked
Where did you see this?
In their official statement they said:
In their official statement they said:
The company said it has seen no indication of increased fraudulent account activity on eBay. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.
http://blog.ebay.com/ebay-inc-ask-eb...nge-passwords/
http://blog.ebay.com/ebay-inc-ask-eb...nge-passwords/
05-22-14, 08:20 AM
#14
Moderator
Re: Ebay Hacked
And this is from Paypal's official blog:
Of course, if you used the same password at both sites, you should probably change it.
Extensive forensic research has shown no evidence of unauthorized access or compromise to personal or financial information for PayPal customers. PayPal customer and financial data is encrypted and stored separately, and PayPal never shares financial information with merchants, including eBay.
https://www.paypal-community.com/t5/...al/ba-p/815612
https://www.paypal-community.com/t5/...al/ba-p/815612
05-22-14, 08:29 AM
#15
DVD Talk Gold Edition
Re: Ebay Hacked
I just tried changing my password and got this:
"Sorry! We're currently experiencing technical difficulties and are unable to complete the process at this time"
Terrific!
"Sorry! We're currently experiencing technical difficulties and are unable to complete the process at this time"
Terrific!
05-22-14, 03:56 PM
#16
DVD Talk Legend
Join Date: Apr 2003
Location: Land of the Lobstrosities
Posts: 10,300
Likes: 0
Received 1 Like
on
1 Post
Re: Ebay Hacked
I just read the news about this today. Check my email to see if Ebay sent a notification, nothing. I go to ebay's homepage, nothing. Login, nothing. Check my ebay messages, nothing.
Since the breach is already months old they obviously aren't in hurry to protect their users from further damage, but now that the cat is out of the bag they could at least pretend to take it seriously.
Since the breach is already months old they obviously aren't in hurry to protect their users from further damage, but now that the cat is out of the bag they could at least pretend to take it seriously.
05-22-14, 05:10 PM
#17
DVD Talk Legend
Re: Ebay Hacked
I just read the news about this today. Check my email to see if Ebay sent a notification, nothing. I go to ebay's homepage, nothing. Login, nothing. Check my ebay messages, nothing.
Since the breach is already months old they obviously aren't in hurry to protect their users from further damage, but now that the cat is out of the bag they could at least pretend to take it seriously.
Since the breach is already months old they obviously aren't in hurry to protect their users from further damage, but now that the cat is out of the bag they could at least pretend to take it seriously.
It's as if the plan is to keep quiet about it, except to those that heard about it and want to protect themselves.
05-22-14, 08:26 PM
#18
DVD Talk Hall of Fame
Re: Ebay Hacked
One of these days, someone will build up a class-action lawsuit on that kind of hiding / obfuscating / denying / minimizing of the security issue. Soon, in one of these breaches, someone with a lot of clout is going to suffer massive monetary damages. Who will then be financially responsible? It will be a pivotal case, and one which, I hope, will be a win for the consumer and a wake-up call to big corporations like Ebay, Target, and Amazon to wake up and start actually caring about their customers and not just their bottom line.
05-23-14, 04:49 AM
#19
DVD Talk Legend
05-23-14, 02:12 PM
#20
DVD Talk Special Edition
Re: Ebay Hacked
