“Cyberattackers compromised a small number of employee log-in credentials” are never words you want to see, but unfortunately that’s the situation currently facing eBay and users of the service have a bit of a password headache as a result.
From the official news release:
[ebay]…will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.
Information is still emerging on this one, and no doubt it’ll be a few more days or weeks before the full story is out but the important thing for now is to change your password – and make sure it isn’t shared on any other websites. There’s already been a little bit of confusion where this one is concerned, and Rik Ferguson has five questions (well, five and a bonus round) for us all to ponder while eBay continue to dig into what happened.
Unfortunately it seems that with every month that passes, a major breach occurs and security bloggers like myself suggest the use of password managers to keep your vast array of logins in check. Feel free to check over this list and pick one that takes your fancy – they’re quickly becoming indispensable tools in the war against data theft.