eBay wants users to change passwords after being hacked

Steven Loeb · May 21, 2014 · Short URL: https://vator.tv/n/3717

No financial information was breached, but hackers got access to names, addresses and phone numbers

In what is becoming a distressingly routine event these days, another major, and widely trusted, Internet company has been hacked.

This time it was eBay, which revealed on Wednesday that its database had been breached back in between late February and early March, though the company only became aware of the incident two weeks ago.

The company says that there is "no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats," nor any unauthorized access to any personal or financial information for PayPal users.

Still, eBay is urging its users to change their passwords, just to be on the safe side, as "changing passwords is a best practice and will help enhance security for eBay users."

"Information security and customer data protection are of paramount importance to eBay Inc., and eBay regrets any inconvenience or concern that this password reset may cause our customers," the company wrote. "We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace."

So, even though no financial info was leaked, what did the hackers get access to? Using what eBay calls a "small number of employee log-in credentials," the hackers were able to see the name, encrypted password, email address, physical address, phone number and date of birth of eBay customers. 

The company noted that it will begin e-mailing its users today to update their information, and, if they use the same password on other sites (which, come on, everyone totally does) they should change those also.

With this news, eBay becomes just the latest website which most people likely thought was secure to be breached. Dating back to last year, the list of other companies to be hacked includes TwitterFacebook,ZendeskAppleMicrosoftEvernoteSnapchatSkype and Bitly.

That is not to mention the retail stores that were also hit, including Target, which may have affected 70 million customers who shopped there; Neiman Marcus, whose breach could have affected 1.1 million cards potentially affected, with 2,400 already being used fraudulently; and Michaels, which put 3 million cards at risk.

In January, the FBI released a report that said that a total of  20 cases of retailers being hacking had occured in the past year

Not surprisingly, all of this has led to a rash of Internet security companies popping up and getting funded. Take a look at how many have raised money this year alone:

In February, cyber security company Shape Security raised $40 million in Series C funding; Cybereason, a platform that proactively detects, and stops, security threats emerged from stealth mode with $4.6 million;  cloud security company Elastica came out of stealth with $6.3 million; and cloud security company Apparity raised $8 million in an oversubscribed Series A round.

In March, Wickr, a communications app that focuses on security, raised $9 million in Series A funding. The company also began selling its security technology to app developers.

In addition, smart home security system Canary raised a $10 million Series A; Niara, a stealth enterprise security company, raised $9 million in funding; Verdasys, a security firm that specializes in endpoint data protection, raised $12 million; TrueVault, a healthcare app data security startup, raised $2.5 million in funding; network security startup Vectra Netoworks raised $17.8 million in funding; and Synack, a startup that has created a system to safely crowdsource security testing, raised $7.5 million in funding.

In addition, software security company Palo Alto Networks entered into an agreement to purchase Cyvera, a privately held cybersecurity company, for the price of around $200 million.

(Image source: forbes.com)


Support VatorNews by Donating

Read more from our "Trends and news" series

More episodes

Related Companies, Investors, and Entrepreneurs



Joined Vator on

Cybereason delivers a proprietary technology platform that automatically uncovers malicious operations (Malops™) and reconstructs them as a clear image of a cyberattack in context. This enables enterprises to discover sophisticated targeted threats at a very early stage, disrupt them at the stem and significantly reduce the costs and damages caused by such attacks. Cybereason is headquartered in Cambridge, MA with offices in Tel Aviv, Israel. For more information, please visit www.cybereason.com, www.twitter.com/Cybereason, www.facebook.com/Cybereason, and www.linkedin.com/company/Cybereason.