EBay Tells Users to Change Passwords After Hack Attack
EBay Inc. signage is displayed outside the company's north campus in San Jose, California, U.S., Aug. 13, 2013 (David Paul Morris/Bloomberg via Getty Images, via ABC News).
By Aaron Katersky | ABC News
(ABC) - The popular online bidding site eBay is urging its customers to change their passwords after hackers managed to slip into one of its databases months ago.
In a posting on the company’s website, eBay said a cyber-attack “compromised a database containing encrypted passwords and other non-financial data.”
Hackers broke into the database "between late February and early March," but eBay didn't detect a problem with employee log-in credentials -- which the hackers had hijacked -- until about two weeks ago, the statement said.
The company assured customers that it's seen “no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats.”
“However,” the company said, “changing passwords is a best practice and will help enhance security for eBay users.”
EBay said the hackers would have had access to customer information like name, encrypted password, email address, physical address, phone number and date of birth. "[T]he database did not contain financial information or other confidential personal information," the company said.
If shoppers use the same password on other sites, the company urged they change those as well.
“Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensic tools and practices to protect customers,” the company posting said.