eBay confirmed yesterday that it had been hit by a cyberattack which left a database compromised. It included users’ personal information like email addresses, names, addresses, date of birth and more. The company did say that none of the financial information had been compromised, meaning that credit and debit card information remained safe. Since the news broke yesterday stolen eBay account dumps have appeared for sale online. The company says that they’re not authentic.
A couple of offers have already gone live on Pastebin for “full eBay database dumps.” Anyone willing to purchase them can bay via bitcoin to remain anonymous. Since eBay confirms that these are not “authentic eBay accounts,” its possible that someone might be trying to bait people into paying them a huge sum for worthless information.
eBay advised all users yesterday to change their passwords, particularly if the same password is used elsewhere. However a lot of users faced issues when trying to do just that. The announcement caused a spike in traffic as people rushed to change their passwords and eBay struggled with the surge.
Hopefully the traffic spike would have normalized by now and those who were not able to change their passwords yesterday would be able to do so now. eBay assures users that no activity can occur on their accounts until they rest the password.