EBay asks 145 million users to change passwords after cyber attack - News and Current Events | futures.io
futures.io futures trading

Go Back   futures.io

> Futures Trading, News, Charts and Platforms > Traders Hideout > News and Current Events

EBay asks 145 million users to change passwords after cyber attack
Started:May 21st, 2014 (08:56 PM) by kbit Views / Replies:105 / 0
Last Reply:May 21st, 2014 (08:56 PM) Attachments:0

Welcome to futures.io.

Welcome, Guest!

This forum was established to help traders (especially futures traders) by openly sharing indicators, strategies, methods, trading journals and discussing the psychology of trading.

We are fundamentally different than most other trading forums:
  • We work extremely hard to keep things positive on our forums.
  • We do not tolerate rude behavior, trolling, or vendor advertising in posts.
  • We firmly believe in openness and encourage sharing. The holy grail is within you, it is not something tangible you can download.
  • We expect our members to participate and become a part of the community. Help yourself by helping others.

You'll need to register in order to view the content of the threads and start contributing to our community. It's free and simple, and we will never resell your private information.

-- Big Mike

Thread Tools Search this Thread

EBay asks 145 million users to change passwords after cyber attack

Old May 21st, 2014, 08:56 PM   #1 (permalink)
Elite Member
Aurora, Il USA
Futures Experience: Advanced
Platform: TradeStation
Favorite Futures: futures
kbit's Avatar
Posts: 5,839 since Nov 2010
Thanks: 3,275 given, 3,321 received

EBay asks 145 million users to change passwords after cyber attack

EBay Inc said on Wednesday that a cyber attack carried out three months ago has compromised customer data, and the company urged 145 million users of its online commerce platform to change their passwords.

The company said unknown hackers stole email addresses, encrypted passwords, birth dates, mailing addresses and other information in an attack carried out between late February and early March. The files did not contain financial information.

An eBay spokeswoman said a large number of accounts may have been compromised, but declined to say how many. EBay said it found no evidence of unauthorized access to financial or credit card information at its PayPal payments subsidiary, which encrypts and stores its data separately.

EBay shares were down 0.2 percent late Wednesday afternoon, compared with a 0.9 percent rise in the Nasdaq Composite Index.

The e-commerce company's stock has steadily fallen since late March as part of a broader slide in technology shares. Last month, eBay reached an accord with activist investor Carl Icahn, who had been calling for the company to spin out PayPal, which is growing quickly.


Security experts advised EBay customers to be on the alert for fraud, especially if they used the same passwords for other accounts.

"This is not a breach that only hurts EBay. This is a breach that hurts all websites," said Michael Coates, director of product security with Shape Security.

He said that companies typically only ask users to change passwords if they believes there is a reasonable chance attackers may unscramble encrypted passwords.

Once the passwords are unscrambled, attackers could use automated software that seeks to log into thousands of popular services, including Facebook, Twitter, popular email services and online banking sites, he said.

EBay spokeswoman Amanda Miller said the company was making the request "out of an abundance of caution" and that it used "sophisticated," proprietary hashing and salting technology to protect the passwords.

Amit Yoran, senior vice president of EMC Corp's RSA security division, said that cyber criminals sometimes take data from multiple breaches, combining them into detailed portfolios that fraudsters can use for scams.

"We are seeing a level of sophistication in the cybercrime world where they are able to pull data from multiple exploits to create stronger profiles of individuals," Yoran said. "The more detailed information fraudsters have, the better their ability to successfully perpetrate fraud."


EBay said its investigation of the breach is ongoing, with assistance from law enforcement.

"For the time being, we cannot comment on the specific number of accounts impacted," eBay spokeswoman Kari Ramirez said. "However, we believe there may be a large number of accounts involved."

The company said it had not seen any indication of increased fraudulent activity on eBay and that there was no evidence its PayPal online payment service had been breached.

EBay provided little information about how the hackers got in. It said they obtained login credentials for "a small number" of employees, allowing them to access eBay's corporate network.

It said it discovered the breach in early May and immediately brought in security experts and law enforcement to investigate.

"We worked aggressively and as quickly as possible to insure accurate and thorough disclosure of the nature and extent of the compromise," Miller said when asked why the company had not immediately notified users.

When asked who was behind the attack, she said: "We will not speculate on who is responsible at this time."


Research analysts said there was not enough information available to assess whether eBay had been negligent.

"The real key question going forward will be if any money has been stolen, or any unauthorized activity been performed," Wedbush Securities analyst Gil Luria said. "As long as this is not the case, this thing will come and go and will not be an issue for eBay."

Security experts say that virtually every major corporation, government agency and other organization has been hacked at one time.

They say it is almost impossible to prevent hackers from getting into networks using social engineering techniques such as sending carefully crafted phishing emails that lure targets to tainted websites or entice them to click on malicious links. In some cases they infect websites frequented by their targets, such as the sandwich shop of a local restaurant or professional organizations.

EBay's shares fell as low as $50.30 in early trading on the Nasdaq before recovering to $51.83 in late afternoon.

EBay has been attacked before. In February, the Syrian Electronic Army hacking group breached and defaced websites belonging to PayPal UK and eBay.

One of the biggest breaches at a U.S. company was at retailer Target Corp, where hackers last year stole some 40 million credit card numbers and another 70 million customer records.

Last month, U.S. web media company AOL Inc urged its tens of millions of email account holders to change their passwords and security questions, saying a cyber attack compromised about 2 percent of its accounts.

EBay asks 145 million users to change passwords after cyber attack | Reuters

Reply With Quote


futures.io > Futures Trading, News, Charts and Platforms > Traders Hideout > News and Current Events > EBay asks 145 million users to change passwords after cyber attack

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Upcoming Webinars and Events (4:30PM ET unless noted)

An Afternoon with FIO trader bobwest

Elite only

NinjaTrader 8: Programming Profitable Trading Edges w/Scott Hodson

Elite only

Anthony Drager: Executing on Intermarket Correlations & Order Flow, Part 2

Elite only

Adam Grimes: Five critically important keys to professional trading

Elite only

Machine Learning Concepts w/FIO member NJAMC

Elite only

MarketDelta Cloud Platform: Announcing new mobile features

Dec 1

NinjaTrader 8: Features and Enhancements

Dec 6

Similar Threads
Thread Thread Starter Forum Replies Last Post
Quantum Dawn 2 cyber attack drill July 18 2013 Big Mike Traders Hideout 6 June 27th, 2013 11:35 PM
City Of Chicago Website Target Of Cyber Attack? kbit News and Current Events 0 May 20th, 2012 02:38 PM
Suspected cyber-attack hits Iranís oil sector kbit News and Current Events 0 April 23rd, 2012 08:25 PM
Google warns TWO MILLION users their computers have been infected with a virus kbit Tech Support 3 July 25th, 2011 04:46 AM
Panetta warns cyber attack could be 'next Pearl Harbor' kbit News and Current Events 0 June 14th, 2011 12:37 PM

All times are GMT -4. The time now is 01:34 PM.

Copyright © 2016 by futures.io. All information is for educational use only and is not investment advice.
There is a substantial risk of loss in trading commodity futures, stocks, options and foreign exchange products. Past performance is not indicative of future results.
no new posts

Page generated 2016-10-25 in 0.07 seconds with 19 queries on phoenix via your IP