The Register-Herald, Beckley, West Virginia

Money

May 22, 2014

No bidding around: Change your eBay password

eBay officials asked 148 million users to change their passwords Wednesday, after hackers gained unauthorized access to eBay’s corporate network and compromised a database containing personal information.

Credit card and other financial information — including that stored on PayPal, an eBay subsidiary — wasn’t compromised, eBay Inc. officials reported Wednesday.

However, customer names, encrypted passwords, e-mail addresses, physical addresses, phone numbers and dates of birth were accessible to hackers.

It was unclear Wednesday how many of eBay’s active accounts were compromised, but officials reported that a “a large number of accounts” were hacked.

eBay is an online marketplace in which members may buy and sell globally.

eBay officials reported that they’d discovered two weeks ago that hackers had compromised a “small number of employee log-in credentials” between late February and early March.

There’s currently no apparent unauthorized activity on eBay accounts, an eBay spokesperson said Wednesday.

However, Raleigh County Sheriff Steve Tanner said Wednesday that becoming a target of identity theft is a possibility once a stranger has gained access to personal information, including the date of birth.

“The date of birth (theft on eBay) is very disconcerting,” he said. “Any time you enter your date of birth or Social Security number, those are the predominant ways we identify people through computer systems.

“If somebody wants to use your name and knows your physical address and date of birth, he may be able to open a credit card on your account.”

Tanner said that it’s no coincidence that hackers breached eBay’s security to gain access to personal information.

“They had a point to this,” he said. “If they got into this system, it will be for profit.

“It may be for your identity or something else they’re doing.”

The company is working with law enforcement and leading security experts to investigate the matter, and said it is “applying the best forensics tools and practices to protect customers.”

Tanner urged local eBay users and all residents to guard personal information and to keep an eye on credit card statements, bank statements and credit history in order to spot any unauthorized activity.

Accounts that aren’t recognized should be reported to local authorities and to the issuing financial institution immediately.

“Most credit cards and banks have protocol and security measures you have access to, and when they see suspicious activities or spending sprees, they contact you.

“You can take advantage of these things,” he added.

Social Security numbers and other information shouldn’t be given out over the phone.

Short of opting not to shop online, there are few steps shoppers can take to avoid being targeted by professional hackers who breach systems like eBay, Tanner said.

“We love the convenience of all the systems like eBay,” he noted. “We become accustomed to that service, we expect that service and, before you know it, we need that service.

“When eBay has a standard that this is the information you have to have for the account, and you agree, if they get violated, you gave this information that could be used against you later.

“You do take a chance, with the convenience. It’s a judgmentcall.”

eBay officials apologized for the inconvenience to eBay users.

In April, hackers reportedly stole a “significant number” of AOL users’ personal information, according to CNN reports.

In related news, Alibaba — a Chinese-based marketplace giant similar to eBay — is preparing to go public in the American market.

—  E-mail: jfarrish@register-herald.com

1
Text Only
Money