After cyberattack, eBay recommends password change
New York: US online giant eBay today said cyberattackers broke into its database with customer passwords and other personal data in what could be one of the biggest breaches of its kind.
The California company said it was notifying its customers, urging them to change passwords to protect their personal and financial information.
An eBay statement said the database was compromised between late February and early March and "included eBay customers` name, encrypted password, email address, physical address, phone number and date of birth."
But it added that it "did not contain financial information or other confidential personal information."
An eBay spokeswoman said the attack did not affect data from PayPal, the finance and payments unit of the company, noting that PayPal data is stored separately.
"For the time being, we cannot comment on the specific number of accounts impacted," spokeswoman Kari Ramirez said in an email.
"However, we believe there may be a large number of accounts involved and we are asking all eBay users to change their passwords."
Potentially affecting eBay`s 128 million active users globally, the attack could be one of the largest affecting a retailer, and comes just months after retail giant Target disclosed a breach which could affect more than 100 million.
The company said it detected "compromised employee log-in credentials" about two weeks ago and began an investigation.
"Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay`s corporate network," the company said.
The statement added eBay "is aggressively investigating the matter and applying the best forensics tools and practices to protect customers," adding that it was working with law enforcement and security experts.
"Information security and customer data protection are of paramount importance to eBay Inc, and eBay regrets any inconvenience or concern that this password reset may cause our customers," the statement said.
"We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace."
The announcement came amid some confusion about the breach. The company appeared to post a statement, then removed it before issuing a news release, said London-based security consultant Graham Cluley.
More from India
More from World
More from Sports
More from Entertaiment
- China condemns Pakistan over Uri terror attack
- Indian- Americans launch online petition to declare Pakistan 'sponsor of terrorism'
- DNA: Analysis over who is responsible for tense condition of Kashmir after Burhan Wani's death?
- Congress workers thrash students for showing black flags to Rahul Gandhi in Raebareli
- Should Pakistani artists be restricted from working in India?
- Onam Bumper Lottery/Kerala Thiruvonam Bumper-2016 BR-51 draw result declared - Here is the winning ticket number
- Uri attack: Israel ready to help India with cutting-edge technology to secure borders
- India's Rafale vs Pakistan's F-16: Why the French fighter jet is the best choice for dogfight
- MNS ultimatum to Pakistani actors: Leave India in 48-hour deadline
- All you need to know about Reliance JioFi at Rs 1,999 – use free data till December 31