EBay Inc said that hackers raided its network three months ago, stealing some 145 million user records from a database in what is poised to go down as one of the biggest data breaches in history based on the number of accounts compromised.
It advised customers to change their passwords immediately, saying they were among the pieces of data stolen by cyber criminals who carried out the attack between late February and early March.
EBay spokeswoman Amanda Miller told Reuters late on Wednesday that those passwords were encrypted and that the company had no reason to believe the hackers had broken the code that scrambled them.
- Varun Gandhi Under Attack Over Defence Deals: Here’s How
- This Diwali, Let Blind Students Brighten Up your Homes With Candles & Diyas
- CBI Files Supplementary Chargesheet In Sheena Bora Murder Case
- Soha Ali Khan And Vir Das Starrer 31st October Audience Reaction
- Sahara Chief Subrata Roy’s Parole Extended Till November 28
- Simple Tips To Secure Your Debit Card From Fraudsters
- New Zealand & India Team Being Welcomed In Chandigarh
- Mumbai Call Centre Scam: All You Need To Know
- Jammu Kashmir Chief Minister Mehbooba Mufti Appeals To Police: Here’s What She Said
- Shocker From Ahmedabad: Find Out What Happened
- Bigg Boss 10 Day 3 Review: Celebs Fail To Do Well in First Task
- Airtel Offers 10GB Data At Rs 259 For New 4G Smartphone Users
- Aamir Khan Starrer Dangal’s Trailer Launched: First Impressions
- TMC Supporters Attack BJP Leader Babul Supriyo
- Sri Lankan Navy Apprehends 20 Indian Fishermen
“There is no evidence of impact on any eBay customers,” Miller said. “We don’t know that they decrypted the passwords because it would not be easy to do.”
She said the hackers copied a massive user database that contained those passwords, as well as email addresses, birth dates, mailing addresses and other personal information, but not financial data such as credit card numbers.
Miller also said the company has hired FireEye Inc’s Mandiant forensics division to help investigate the matter. Mandiant is known for publishing a February 2013 report that described what it said was a Shanghai-based hacking group linked to the Peoples Liberation Army.
EBay earlier said a large number of accounts may have been compromised, but declined to say how many.
Security experts advised EBay customers to be on the alert for fraud, especially if they used the same passwords for other accounts.
Still, EBay said it had not seen any indication of increased fraudulent activity on its flagship site and that there was no evidence its PayPal online payment service had been breached.
EBay said the hackers got in after obtaining login credentials for “a small number” of employees, allowing them to access eBay’s corporate network.
It discovered the breach in early May and immediately brought in security experts and law enforcement to investigate, Miller said.