eBay Inc. said late today that it would be asking users to change passwords because of a cyberattack. The cyberattack compromised passwords and non-financial data. The Corporate eBay Blog reports no evidence of any theft or unauthorized activity financially or on credit card information, both of which are stored separately and encrypted. According to the post no Paypal information breach is evident either and that it is also stored in a separate and secure network.
“Cyberattackers compromised a small number of employee log-in credentials,” the site reports. This allows the cyberattacker to access email addresses, physical address, phone numbers and date of birth. The company became aware of the compromised information two weeks ago and began conducting “extensive forensics,” to identify the source. This led to the release of the company’s announcement today.
eBay takes Information Security serious and will continue to protect customers and apologize for any inconvenience they have caused on the 145 million customers served.
Cybercrime has become more frequent, Target, Google, have both fell to cybercrime and even OpenSSL, a security protocol, became victim to “Heartbleed,” recently. There may be no solution to cybercrime anymore than there is to crime in the streets. Taking personal information security precautions to prevent from becoming a victim can be the best option.
Customers should practice good password encrypted security by using a combination of upper and lower case letters, numbers and special characters. Do not use dictionary words when possible and grandmas name and birthdate. Passwords like these can be figured out through a number of social sites and internet databases that can lead to electronic profiling. Change password frequently, the longer the password stays the same the more patience the cyberattack has to figure the password out. Take extra precaution when opening and reading emails containing questions asking for personal information. Most company’s send out emails when changes are made. It makes good practice to go straight to the site before responding to the email to validate the information being requested. Insure that passwords are all different across all platforms, for example do not use the same password on financial sites, email sites and social sites, they should all be different.