eBay comment on OpenSSL/Heartbleed bug

By Dan Wilson April 11, 2014 - 2:11 pm

eBay have issued this statement on the OpenSSL problem which many are referring to as the Heratbleed Bug. This is the comment in full:

A Message Regarding OpenSSL- “Heartbleed Bug”

There has been a lot of discussion recently in regard to a security vulnerability in a version of OpenSSL, commonly known as the “Heartbleed Bug.”

We take the responsibility of keeping your personal information details protected very seriously at eBay.

We would like to assure you that with regards to the Heartbleed bug:

1) Your eBay account is secure
2) Your eBay account details were not exposed in the past and remain secure
3) You do not need to take any additional action to safeguard your information
4) There is no need to change your password

While we always advise our customers to be cautious and aware of the security of their personal information, in this case we want to reassure you there is no need to be unduly concerned. When you login to eBay using your user name and password these details were not exposed to the OpenSSL vulnerability.

Consumer safety is our top priority. As always, thank you for being a part of the eBay community.

  • JD
    3 years ago

    I am not totally reassured.

    What about if I log in with email address and password? email address is not mentioned.

    What about if I (against general advice) use passwords across more than 1 site, 1 of which could have been compromised?

    eBay might have been secure, other sites not so.

  • 3 years ago

    Anyone who has dealt with ebay for any length of time puts very little faith in ebay’s “reassurances”…

    • Jimbo
      3 years ago

      How long were you involved with eBay for Rich?

    • 3 years ago

      Jimbo, I started selling on eBay in January 1999 and amassed 4625 positives before I decided on my own to stop listing items there in April 2013 because I don’t like their fraudulent and illegal breaches of contract and unfair trade practices with small sellers.

    • Jimbo
      3 years ago

      You certainly put in a good shift. That’s longer than the average marriage!

  • 3 years ago

    Talking of Passwords. I recently changed my electricity provider. Part of the procedure for registering with the new provider was that I had to complete an on line form providing lots of assorted information. There was email address..No Problem. But the next line down was email password. I refused point blank to provide that information.

    After all what the blazes would my electricity supplier want my email password for???

    Anyway they would not accept the form without this information provided and it turned into a long drawn out row. I am now getting my electricity from them and they have not got my email password. Indeed I told them that had I supplied my email password my next move would have been to change it.

  • northumbrian
    3 years ago

    to be honest we wonder if these scares are sometimes manufactured or at least overstated, to increase anti virus software sales

Recent Comments

3 hours ago
ian: what a fabtastic message sums up how i feel 100% (on a smaller scale) but im...
11 hours ago
Nasir Kothia: A fantastic event !! Proud to be a sponsor and look forward to exhibiting again next...
15 hours ago
Northumbrian: Get real folks Suck it up or work round it EBay's been doing this for decades Many have...
16 hours ago
Pawel: So basically there is no way we can make our listing looking better by having...