Internet auction giant eBay announced today that it was the victim of a “cyberattack that compromised a database containing encrypted passwords and other non-financial data.” As a result, the company is urging all its users to change their passwords.
“Information security and customer data protection are of paramount importance to eBay Inc., and eBay regrets any inconvenience or concern that this password reset may cause our customers,” the company wrote in a statement. “We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.”
The hacked database contained customers’ names, email addresses, physical addresses, phone numbers, date of birth and encrypted passwords. It is not believed that the hackers were able to unencrypt passwords, nor has eBay detected an increase in fraudulent activity. Data pertaining to PayPal accounts was not compromised, as it's stored on a separate network.
Of course, this year’s Heartbleed scare taught us that online encryption is far from bulletproof, and eBay is beloved by international scammers who would love access to your account. You’ll definitely want to heed eBay’s advice and change your password on the site, even if you haven’t used the it in a long while. You should also change your password on any other site that might share your eBay password, though repeating passwords is bad security practice.
For more on the eBay hack, visit the company’s news center. You might also want to read these 5 tips for creating your next strong, hard-to-crack password.