• New Patreon Tier and Early Access Content available. If you would like to support AVForums, we now have a new Patreon Tier which gives you access to selected news, reviews and articles before they are available to the public. Read more.

EBay accounts hacked

stunno

Well-known Member
Not sure if this is the correct spit for this but it might get better coverage here.
It has just been on the news that eBay are along all users to change their passwords after their system has been hacked.
All users personal details that they hold have been stolen including address, phone number and security question answers. The only info that was encrypted was the password!

This happened in February and has just been admitted to today.
 

wilbanat

Distinguished Member
How come it's on the news etc and posted here by a concerned member but when I go on Ebay Nothing ! no message or anything. Not even an email......Anyway I was well overdue to change mine, so now all done....
 

Foebane72

Well-known Member
How come it's on the news etc and posted here by a concerned member but when I go on Ebay Nothing ! no message or anything. Not even an email......Anyway I was well overdue to change mine, so now all done....

Ditto.

Yes, the BBC News makes a big deal of changing your password, but on the ebay site itself? Nothing.
 

IronGiant

Moderator
I got the impression that passwords were encrypted and they got everything else, such as the security question that would allow them to change your password. So it's even more important to change your security question than it is to change your password.
 

Trollslayer

Distinguished Member
Changed ebay and Paypal passwords.
 

Tetlee

Distinguished Member
How come it's on the news etc and posted here by a concerned member but when I go on Ebay Nothing ! no message or anything. Not even an email......Anyway I was well overdue to change mine, so now all done....

ebay never give a crap about its users so nothing new there.

Just done mine, thanks for the nod.
 

stunno

Well-known Member
One thing has just occurred to me. If you have your account linked to your paypal account, will they also now have that password? Presumably it will have been stored in the same place?
 

alan280170

Distinguished Member
One thing has just occurred to me. If you have your account linked to your paypal account, will they also now have that password? Presumably it will have been stored in the same place?


Not sure about that, but may be worth changing it also.

No worries for me haven't used pappal in ages and just got a new bank card so it'll reject ant payments.
 

Epicurus

Well-known Member
They've said that Paypal uses a different database that wasn't compromised. Believe them if you want!

What's strange about this announcement is that about 2 or 3 weeks ago I logged on to eBay to list an item. A day later I got an email saying my account had been flagged for suspicious activity and locked. They recommended I change my email account password as they may have used it to reset my eBay credentials. I found it really odd, now I understand it perfectly!
 
D

Deleted member 498601

Guest
Meh, if I changed my password everytime that the news ran a scare story, I'd have lots of different passwords to remember. Oh, hang on...

Seriously though, I'm not changing anything. What's to say that hackers don't just watch for a scramble of users changing passwords that they (the hackers) don't know, and then capturing the new information and passwords for future use?

It'd be much easier to watch a site such as ebay for users swapping their passwords just after such an announcement by the BBC than to watch the site every day for a month, capturing the information from the people that change their passwords off their own back.

It may seem like a conspiracy theory, but completely possible, and fairly likely imo.
 

hippo99

Distinguished Member

Attachments

  • head-in-sand.png
    head-in-sand.png
    130.9 KB · Views: 96

pandemic

Well-known Member
I'll change my password if I get an email, haven't received one as of yet. They said the passwords were encrypted, so it would be pretty difficult to decrypt the passwords if they were salted and hashed. What's more concerning is the personal details (unencrypted) they have access to, in the wrong hands that could be used more effectively in fraudulent activities.
 

hippo99

Distinguished Member
I'll change my password if I get an email, haven't received one as of yet. They said the passwords were encrypted, so it would be pretty difficult to decrypt the passwords if they were salted and hashed. What's more concerning is the personal details (unencrypted) they have access to, in the wrong hands that could be used more effectively in fraudulent activities.
What's most concerning is what IronGiant said about security questions being stolen, as many sites tend to use the same security questions, this would open you up to other accounts being compromised.

I think the most important thing to do now is to make sure you have a very unique password on your main email address that isn't used anywhere else, & preferably have 2 step verification turned on for that email account. Reason being any other online account that gets compromised, you should still receive an email notifying you if anyone tries to change passwords/or any unexplained orders will still be sent to your email address & alert you to any problems.
If your main email address gets compromised, then it'll be much, much harder for you to resolve or even to detect.
 

Greg Hook

Moderator & Reviewer
It was about time I changed my eBay password anyway. I had it since the very early days of eBay and because of that my old password was only 5 digits.
 

Greg Hook

Moderator & Reviewer
:D No, I'm not that stupid. :laugh:
 

The latest video from AVForums

Hisense U7H TV and T+A Solitaire T headphone reviews, AV/HiFi news plus, what is screen uniformity?
Subscribe to our YouTube channel

Full fat HDMI teeshirts

Support AVForums with Patreon

Top Bottom