Ebay warns customers to change passwords after security breachThursday 22 May 2014 10.32
Online retailing and auction site Ebay is to instruct its users to change their passwords, after one of its databases was breached in a hacking attack.
The database contained encrypted passwords and other non-financial information.
In a blog post on the company's website, Ebay said the database was breached between late February and early March of this year, but only came to light in the last fortnight.
It said the breach came about when a small number of employee log-in credentials were compromised by cyber attackers, allowing unauthorised access to Ebay's corporate network.
The company said the database contained Ebay customers' names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth.
However, it did not contain financial information or other confidential personal information.
Ebay, which has a large office in west Dublin, said after conducting extensive tests on its networks, it found no evidence of the compromise resulting in unauthorised activity for Ebay users, and no evidence of any unauthorised access to financial or credit card information, which is stored separately in encrypted formats.
However, the company is still recommending that users change their passwords.
The company has apologised for the inconvenience, saying information security and customer data protection are of paramount importance to it.
The breach does not affect users of PayPal, the online payment service owned by Ebay, as PayPal financial data is stored on a separately secure network and is encrypted.
Ebay users will be contacted by the company by email today, to inform them about what to do next.
The company is also encouraging any Ebay user who utilised the same password on other sites to change those passwords too.