Identity theft is a constant concern for those who entrust their personal information to Internet companies. Now millions of users are at risk following a massive cyber-attack that recently hit eBay.
Last week, we reported that eBay was hit by a massive cyber-attack when hackers broke into the company’s database that hold customers’ personal information. While no financial information was taken, customers’ email addresses, passwords and physical addresses were exposed. Skilled hackers can use this information to gain access to more personal information through social engineering tactics.
As with most major cyber attacks, eBay can’t do much now that the damage is done. What it can do is ask that its customers change their passwords:
EBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it also is encouraging any eBay user who utilized the same password on other sites to change those passwords, too. The same password should never be used across multiple sites or accounts.
Unfortunately, the hackers didn’t just take user information. Ebay reports that that the hackers also took some employee log-in credentials. There’s no indication that this information was used to access databases that may contain more sensitive information, but eBay is working with law enforcement to bring in those responsible.
As you can imagine, people are not pleased with eBay at the moment. Much like the Target hack of last year, Attorneys General from various states are now opening up investigations to see if eBay could have done more to protect user information. The Attorneys General will also be looking into how eBay is planning to prevent future attacks.
“My office will be looking into the circumstances surrounding this breach as well as the steps eBay is taking to prevent any future incidents,” said Connecticut Attorney General George Jepsen. “However, the most important step for consumers to take right now is to change their password and to choose a strong, unique password that is not easily guessed.”
Image via Wikimedia Commons