eBay has asked 150 million customers to change their passwords after detecting they were victim to a cyber attack several months ago. The breach included email, address, phone number, birthdate and encrypted passwords. The company stated that there is no indicator that financial information was compromised and that that data is stored in separate encrypted formats from the user account data.

eBay disclosed that the attackers gained access to the company’s corporate network in late February and March by compromising an employees login credentials. However, the breach was just discovered two weeks ago.

The company is continuing to work with law enforcement and security experts investigating the incident.





SANS Endpoint Security Maturity Model

Ken Westin

Ken Westin has contributed 157 posts to The State of Security.

View all posts by Ken Westin >