Ebay data breach

Yesterday, a public notification from Ebay informed its users that there had been a significant data breach at the organization and information had been removed from their databases by attackers.  The attackers didn't exploit any database vulnerabilities or access a backdoor in Ebay's web portal, but simply tricked some employees into giving away their usernames and passwords. 

Fortunately, no financial data was lost, but as a precaution Ebay has asked all users to reset their passwords.

http://nakedsecurity.sophos.com/2014/05/21/ebay-becomes-the-latest-online-giant-to-own-up-to-a-password-breach/

I would suggest that if you have an ebay account to change your password as a precaution. Also, be wary of phishing emails that may try to steal your credentials now that this breach has been made public. Attackers will try to use this announcement as a way to trick Ebay users into changing their passwords on fake websites.  Make sure you are actually on the ebay site (www.ebay.com or www.ebay.ca) when changing your password.

 

Category: