Share:
POST
TWEET
SHARE
SHARE
EMAIL

Further information on the eBay cyberattack and your eBay password

By Dan Wilson May 21, 2014 - 4:45 pm

Earlier today, eBay announced it had been the victim of a cyberattack where some encrypted non-fiancial information had been put at risk.

As a precaution eBay also announced that all users should change their passwords.

eBay have published a great deal more information about the cyberattack since then including more detailed info on what to do about it, some frequently asked questions and specific information for sellers.

There are a few things that leap out. Firstly, the cyberattack occurred maybe as long ago as February, which is quite astonishing. Have they been sitting on it since then or have they only just twigged? Either explanation is far from ideal

Next, the PayPal systems were not compromised but that is not necessarily that comforting because I bet that plenty of eBay users use the same passwords on both eBay and PayPal and likely other sites.

Third, eBay is going to force everyone to change their passwords and that’s going to cause some disruption. eBay has put together some specific info for sellers to address the concerns there. See below.

But the the issue at stake is confidence and a lot of that depends on how much you trust eBay. Personally, I take them at their word on this one and at least salute the fact they have gone public despite the possible flak. But this is going to scare some people away, probably buyers.

Even if it was possible to sweep it under the carpet, which I suspect it wasn’t, tackling the issue head-on and proactively is the decent thing to do.

Doubless the tech community will debate what’s what and why extensively but in the meantime it’s an opportunity to reasses your password practices for the better. And that’s no bad thing.

Find the main landing page on the cyberattack here.

eBay CEO Devin Wenig addresses the cyberattack on this page.

Specific information for sellers lives here.

Check out the quite extensive FAQs here.

Advice on creating the best passwords possible has been reiterated here.

  • JD
    3 years ago

    eBay say that they discovered the hack ‘earlier in May’.

    Sadly that begs 2 questions:
    1) why did it go undiscovered for so long?
    2) why were users not informed before now?

    eBay state a list of compromised data that ‘included’, what other data was compromised that they do not list?

    Whilst I can change my password I cannot change my name, my address, my date of birth. I see that email address is also on the list it might just be a good idea to change that.

    Confidence is everything, if there is more to reveal best to hear about it now than in drips.

  • radroach
    3 years ago

    Regarding the enforced change of passwords – does anyone know if this will apply to those who have already changed them since the problem was revealed (in the past few hours in fact) – or just to those who haven’t?

    • john
      3 years ago

      Ebay is Beyond a joke. Programming is a joke and the search does not work properly. The whole site is a shambles.

      And yes …you must reset password again cause everything they do is never done properly or efficiently.

      Rant over…

    • john
      3 years ago

      just had a page up asking me to change password….now its letting me in. without changing password for second time.

  • JD
    3 years ago

    And the header for messages sent through eBay will need to be rethought won’t it?

    After all this includes a part of the compromised data:

    ‘eBay sent this message to [names] (used ID).
    Your registered name is included to show this message originated from eBay’

    Simply no longer holds good!

  • Bhavin
    3 years ago

    I have been asked to change my password when I try an log into my eBay account. However, probably due to increased traffic, the screen asks me to comeback later and doesn’t allow me to change my password. I can see ‘item not received cases’ being opened by customers and so defect scores will be sky high! Will we receive a partial refund on our eBay fees for loss of trade and will defects be pardoned/not counted?

  • David T.
    3 years ago

    Well…just reset my password. I go through the motions only to be told that I have now chosen a previously-used password (not true), so I tweak it and try again. I am then told that my session has timed out and need to start again.

    So, I ask ebay to send an email with the link to change my password. An email arrives ‘This is a courtesy message to let you know that your eBay password has been successfully changed. No response is needed.’

    The ‘previously-used’ password works and no email has arrived to change it.

    Surprised? Me neither, but when you rely on ebay for your living it’s very, very worrying indeed.

  • hunt
    3 years ago

    click on the change password send an email link,no email comes
    orders still comin g in cannot revise any items end any items etc this is going to create chaos

    cannot get on my account ebay is a joke

Recent Comments

8 hours ago
northumbrian: if I got then minimum wage for all the hours I spent on the business...
9 hours ago
james: “make the UK the... safest place in the world to be online” might need to dispute...
11 hours ago
tyler: We use a 3rd party api system (WP Lister) to import orders, from both Amazon...
11 hours ago
Colin Windsor: It may be just me But Alibaba is now retail not trade?...
12 hours ago
chrissieboy: Amazon apparently no longer take on new sellers of cds due to MM allegedly blocking....