Was eBay Hacked Today?
26 September 2007Slashdot is reporting and it has been confirmed on eBay’s blog “The Chatter” that posts were made today to the Trust and Safety forum on eBay. Currently the Trust and Safety forum is offline until further notice. Apparently, eBay wasn’t really hacked as most of the actual financial information isn’t correct. What was correct was the username, real name, and contact information. How did the hacker get that? Well, there are several ways that it could have happened.
The hacker could have hacked the database and pulled the information. However, this is not likely the case as the credit card information that was in the posts was not tied to the accounts in either eBay or Paypal. It is also entirely possible that the hacker got the names and information as part of a account hijacking phishing scam.
What I think is even more likely, is that the hacker managed to get the names, usernames, and contact information from the printer of the fancy catalog that eBay just sent out last week. The catalog contained the real name and address on the outside and had the username as part of the URL on the inside.
In any case, it does seem that the financial information of the users wasn’t compromised, and eBay is on top of things and working to get the issue resolved. I would suggest that you consider changing your password if you are at all concerned that your account may have been one of the ones on the list. You should change the password every 6-12 months anyways, you’re probably overdue.
[tags]ebay,hacked,hacker,username,paypal[/tags]
If you found this page useful, consider linking to it.
Simply copy and paste the code below into your web site (Ctrl+C to copy)
It will look like this: Was eBay Hacked Today?
September 27th, 2007 at 10:27 am
Interesting. The boards were buzzing about the hack.
Hey, let me invite you to think about that old conventional wisdom about changing your password regularly. I challenge that bit of thinking. Why?
1) Use smart and safe practices every day. Keep your computer safe with anti-spyware, anti-virus and firewalls.
2) Don’t ever write your password down and store it near your computer!
3) Don’t log on to secure sites from anybody else’s computer.
4) Don’t click links in email that invite you to take action, like changing a password.
5) Keep a general login password on your computer so it is secure if someone steals it.
6) Don’t tell anybody your password or let anybody use your account.
7) Log out when you are done.
So why should you NOT follow old advice and change your PW regularly?
1) Do all those things and nobody will ever get your password! It won’t be necessary. BUT -
2) If you are sloppy on any of those, then changing your PW once a month won’t do a darned thing. Somebody can get it before the 30 days are up!
Challenge all old “conventional wisdom” when it comes to eBay. I’m serious. I’ve been doing this for 9 years now.
September 28th, 2007 at 4:02 pm
looks like you know a little too much about this ebay hacking case…