eBay Hackers Quietly Got Away With 145M User Records 3 Months Ago

Image: eBay Hackers Quietly Got Away With 145M User Records 3 Months Ago

Thursday, 22 May 2014 08:46 AM

By Newsmax Wires

  Comment  |
   Contact  |
  Print  
|  A   A  
  Copy Shortlink
In what is poised to go down as one of the biggest data breaches in history, three months ago hackers raided eBay's network three months ago, accessing some 145 million user records, yet news of the attack is just now surfacing.

Ebay officials are now advising customers to change their passwords immediately, saying they were among the pieces of data stolen by cyber criminals who carried out the attack between late February and early March.

EBay spokeswoman Amanda Miller told Reuters late on Wednesday that those passwords were encrypted and that the company had no reason to believe the hackers had broken the code that scrambled them.

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

"There is no evidence of impact on any eBay customers," Miller said. "We don't know that they decrypted the passwords because it would not be easy to do."

She said the hackers gained access to 145 million records of which they copied "a large part". Those records contained passwords as well as email addresses, birth dates, mailing addresses and other personal information, but not financial data such as credit card numbers.

Miller also said the company has hired FireEye Inc's Mandiant forensics division to help investigate the matter. Mandiant is known for publishing a February 2013 report that described what it said was a Shanghai-based hacking group linked to the Peoples Liberation Army.

EBay earlier said a large number of accounts may have been compromised, but declined to say how many.

Security experts advised eBay customers to be on the alert for fraud, especially if they used the same passwords for other accounts.

"People need to stop reusing passwords and should change their affected passwords immediately across all the sites where they are used," said Trey Ford, global security strategist with cybersecurity firm Rapid7.

Michael Coates, director of product security with Shape Security, said there is a significant risk that the hackers would unscramble the passwords because typically companies only ask users to change passwords if they believe there is a reasonable chance attackers may be able to do so.

Still, eBay said it had not seen any indication of increased fraudulent activity on its flagship site and that there was no evidence its PayPal online payment service had been breached.

EBay said the hackers got in after obtaining login credentials for "a small number" of employees, allowing them to access eBay's corporate network.

It discovered the breach in early May and immediately brought in security experts and law enforcement to investigate, Miller said.

"We worked aggressively and as quickly as possible to insure accurate and thorough disclosure of the nature and extent of the compromise," Miller said when asked why the company had not immediately notified users.

The breach could go down as the second-biggest in history at a U.S. company, based on the number records accessed by the hackers.

Computer security experts say the biggest such breach was uncovered at software maker Adobe Systems Inc in October 2013, when hackers accessed about 152 million user accounts.

It would be larger than the one that Target Corp disclosed in December of last year, which included some 40 million payment card numbers and another 70 million customer records.

Urgent: Assess Your Heart Attack Risk in Minutes. Click Here.

Related Stories:

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact  |
  Print  
  Copy Shortlink
Send me more news as it happens.
 
 
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
 
Email:
Country
Zip Code:
Privacy: We never share your email.
 
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
You May Also Like

Bernie Tiede, Convicted Murderer Mortician, to Get New Sentencing

Wednesday, 26 Nov 2014 17:39 PM

Bernie Tiede, the mortician who was convicted of killing his companion Marjorie Nugent in 1996, will receive a new sente . . .

Chrysler Pentastar Logo Getting Phased Out With FCA Formation

Wednesday, 26 Nov 2014 15:51 PM

Chrysler's iconic Pentastar logo is being phased out as the company introduces a new logo in keeping with the newly form . . .

Jian Ghomeshi: Canadian Radio Host Charged With Sexual Assault

Wednesday, 26 Nov 2014 15:16 PM

Canadian celebrity radio host Jian Ghomeshi has been charged with multiple counts of sexual assault. . . .

Top Stories

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved