Better Change That Password Now

EVERY eBay Account Holder Worldwide Has Been Hacked, Company Says

Hackers obtain name, address, date of birth, telephone number, email address and password of 233 million people

05.22.14 9:45 AM ET

The online auction site eBay has admitted that the name, address, date of birth, telephone number, email address and encrypted password of every eBay account holder worldwide – 233 million people – have been obtained by hackers, in one of the world’s largest ever online security breaches.

Picture taken on July 01, 2008 of the Internet auctioneer logo at Ebay-France headquarters in Paris. A Paris court ordered on June 30, 2008 eBay to pay 40 million euros (63 million dollars) in damages to Louis Vuitton for selling fake luxury goods online. EBay, the world's largest online auctioneer, immediately announced it was lodging an appeal and rejected the view that the court decision was a victory for copyright law. AFP PHOTO JACQUES DEMARTHON (Photo credit should read JACQUES DEMARTHON/AFP/Getty Images)


ebay has said all users should change their passwords immediately.

The vast cache of sensitive data could be used for an almost limitless number of fraudulent purposes by hackers.

The attack occurred “between late February and early March” the online auction house said in a blog post, but was only discovered in the past two weeks.

The company said in the blog post that no financial data was accessed and that credit card information is stored separately in an encrypted format.

The hackers gained access to the details after they obtained “a small number of employee log in credentials, allowing unauthorized access to eBay’s corporate network,” the company said.

“As a result, a database containing encrypted password and other non-financial data was compromised.  There is no evidence of the compromise affecting accounts for Paypal users, and no evidence of any unauthorized access to personal, financial or credit card information, which is stored separately in encrypted formats.”

The online retailer is asking all eBay users to change their passwords immediately.

The company said that it is "aggressively investigating the matter" along with law enforcement agencies.

"The database, which was compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth," said the company. "However, the database did not contain financial information or other confidential personal information."

eBay said, "We believe we have shut down unauthorized access to our site and have put additional measures in place to enhance our security. We have seen no spike in fraudulent activity on the site."

Get The Beast In Your Inbox!
By clicking "Subscribe," you agree to have read the Terms of Use and Privacy Policy
Thank You!
You are now subscribed to the Daily Digest and Cheat Sheet. We will not share your email with anyone for any reason