You should receive still one email from eBay asking you to change your password. The e-commerce platform announced that a database containing encrypted passwords and other personal customer information was accessed improperly between late February and early March. The problem was discovered after an internal investigation and publicly revealed on the morning of Wednesday (21).
According to eBay, the compromised database did not contain financial information and there is no evidence that credit card numbers have been accessed improperly. This information is especially important because, as you know, eBay owns PayPal. Fortunately, all PayPal data are stored separately and there is no evidence that they have been exposed.
The information compromised include encrypted passwords, customer names, email addresses, physical addresses, phone numbers and dates of birth. As some users have the habit of using the same combination of various services, a habit that the company strongly discourages it is recommended to change your passwords not only on eBay but in all other places where the same password was used.
How did the attack? According to eBay, criminals managed to get a small number of staff credentials, allowing unauthorized access to the corporate network. Although the problem has occurred for at least two months, the company has just discovered that the passwords of the employees were engaged two weeks ago. Since then, an internal investigation was initiated, which ended up revealing the compromised database.
The 112 million eBay users will still be notified today by e-mail, messages on the site itself and other marketing channels of the company.