Online auction site eBay has advised its clients to change their passwords after a cyber-attack allowed hackers to gain access to one of its databases. Information stolen included personal details of 145 million accounts.
eBay spokeswoman Amanda Miller told Reuters that the hackers gained access to 145 million records, of which they copied "a large part." Those records contained passwords, email addresses, birth dates, mailing addresses and other personal information, but not financial data such as credit card numbers - this data was encrypted separately.
The California-based company has been asking its users “to change their passwords because of a cyber-attack that compromised a database containing encrypted passwords and other non-financial data,” according to a statement released on the company website.
The online auction company with a global customer base of 233
million also reassured users that credit card details and other
financial data is stored separately in encrypted formats.
Hackers reportedly gained access through employee login
credentials which they said thereby allowed “unauthorized
access to eBay’s corporate network.”
The attack took place between late February and early March and
the hackers gained access to a database which stored details
included names, passwords, email addresses, real addresses and
birthdays.
Shares in the company, which operates in 37 markets, fell some
3.2 percent in what is the latest notable cyber-attack on a big
US company.
The company announced that it is “aggressively investigating
the matter,” working with law enforcement and leading
security experts.
In December, Target Corp. announced that it had fallen victim to
cyber-attacks, with hackers seizing details of some 40 million
credit and debit cards of the retailer’s customers. In April, AOL
also announced that 2 percent of its accounts had been
compromised and also urged their email account holders to change
passwords in a subsequent statement.