Client info stolen in hacking attack: eBay
E- commerce company eBay Inc said client identity information including emails, addresses and birthdays was stolen in a hacking attack between late February and early March.
EBay urged users to change their passwords after the attack on a database that also contained encrypted passwords, physical addresses and phone numbers.
The company said it found no evidence of any unauthorised access to financial or credit card information, which is stored separately in encrypted formats.
EBay shares fell as much as 3.2 per cent on Wednesday morning after the latest high- profile hacking attack on a US company.
“For the time being, we cannot comment on the specific number of accounts impacted,” eBay spokeswoman Kari Ramirez said. “However, we believe there may be a large number of accounts involved and we are asking all eBay users to change their passwords.”
EBay said it was investigating the breach and working with law enforcement agencies.
The company also said it had not seen any indication of increased fraudulent account activity on eBay and that there was no evidence that its online payment service PayPal had been affected in the attack.
The attack on eBay was made through compromised employee accounts that allowed unauthorised access to its corporate network, the company said in a statement. It said the breach was first detected about two weeks ago.
The message headline, issued at 1: 30 am was “eBay Inc. To Ask All eBay Users To Change Passwords” but had no other information other than the words “place holder text”.
In December, retailer Target Corp said hackers had stolen data from up to 40 million credit and debit cards of shoppers who visited its stores during the first three weeks of the holiday season.
Last month, US web media company AOL Inc urged its tens of millions of email account holders to change their passwords and security questions after a cyber attack compromised about 2 per cent of its accounts.
EBay shares fell as low as $ 50.30 in morning trade on the Nasdaq before recovering to $ 51.15.
A statement stated that eBay “is aggressively investigating the matter and applying the best forensics tools and practices to protect customers,” adding that it was working with law enforcement and security experts.
“Information security and customer data protection are of paramount importance to eBay Inc, and eBay regrets any inconvenience or concern that this password reset may cause our customers,” the statement said.
“We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.”