eBay forces users to change passwords after cyber-attack

 
       

  
  
   
        

  
 
      
    Auction and retail site eBay says all users will have to change their passwords after hack     
 
        One-Minute Read  
    
    Wednesday, May 21, 2014 - 3:55pm  
      Onling retailer eBay will force all 128 million of its users to change their passwords after discovering that the site had been compromised. 
 The company said databases containing encrypted passwords and other non-financial data had been attacked some time in February or March.  
 According to the company's records, no unauthorised activity has been recorded, but requiring all users to change their account details is "best practice and will help enhance security for eBay users". 
 The attack came about, eBay said in a  post  on its corporate site, because "cyber-attackers compromised a small number of employee log-in credentials, allowing unauthorised access to eBay's corporate network". 
 The post added: "Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers." 
 The retailer has 128 million active users and accounted for $212bn (£126bn) worth of transactions on its wide range of services in 2013, the  BBC  reports. 
 In spite of the company's reassurances that no illegal transactions had occurred, one expert told the BBC that the hackers might still be able to exploit the security breach. 
 "We all know that given enough time hackers can crack some encrypted password files," said Alan Woodward, an independent security consultant. 
 "The slightly worrying aspect of this is that the hackers have a nice neat list of personal information, which can be used to steal identities or even help them get around other systems though password reset scams." 
 eBay users are advised to visit the site and change their password as soon as possible.  ·   
       Business        eBay    online fraud