eBay: Change your passwords due to cyberattack

Summary:eBay is telling customers they should reset passwords after a database holding customer names, addresses, and passwords was compromised.


eBay issued an advisory to its customers to change their passwords due to a cyberattack that compromised a database holding non-financial data.

The company said it couldn't find any evidence that there was unauthorized activity for eBay customers and no access to financial information. The compromised database held encrypted passwords, but financial data is stored separately. PayPal databases weren't affected.

According to eBay, the compromised database held the following:

  • Customer name
  • Encrypted password
  • Email address
  • Physical address
  • Phone number
  • Date of birth

eBay acknowledged that a mass customer password reset is a pain, but it's best practice to get new credentials following a cyber attack. eBay will begin contacting customers today.

Based on eBay's investigation, attackers compromised employee log-in credentials to get access to the corporate network. The database was hit between late February and early March.

Topics: Security, E-Commerce


Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CN... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.