A cyber attack on eBay has prompted the online auction house to issue a statement asking all users to change their passwords.
eBay is instructing users to change their passwords after a cyber attack compromised a database containing “encrypted passwords and other non-financial data”.
It stressed that after conducting “extensive” network tests, the company had found no evidence of unauthorised activity of user accounts following the attack.
How did this happen?
eBay has released a statement explaining that a small number of employee log-in credentials were compromised, allowing the perpetrators access to the eBay corporate network.
[SPOTLIGHT]The auction site said: “Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers.”
The database, which was compromised between late February and early March is said to have contained eBay customers’ names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth.
Users will be notified later today via email, site communications and other marketing channels. eBay called on members who usethe same password for eBay on other sites to change those passwords too, with the advice that the same password should never be used across multiple sites or accounts.
For advice on picking a strong password, read How to protect your PINs and passwords.
Good tips include using at least eight characters, including special characters (eg %, $, ^) in your password and a mix of upper- and lower-case letters. This password generator can produce strong passwords for you to learn and use.
This story has been updated since its original publication
More from lovemoney.com
How to protect PINs and passwords
eBay changes private seller listing fees