eBay userbase information hacked, change your password immediately!

[Qtis]

As we've heard in the past months, not many services are considered immune anymore. The latest website to join the group of hacked sites is eBay. Change your password immediately.

eBay Inc. (Nasdaq: EBAY) said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.

Regardless of what they say, I'd recommend changing all passwords linked to eBay as well as passwords in all sites with the same password/username as eBay.

Source

 

[jonthedit]

WELL SHIT!
I just updated my Bank/CC info! >:|

 

[Bladexdsl]

i dont even know what my password is i've just been using the auto login

 

[Gahars]

The passwords are going once, going twice, gone!

And here I thought the snipers were the worst part about eBay.

 

[MarkDarkness]

Damn... passwords are DONE. We are way past the need of a paradigm shift... this is shit is not remotely safe anymore.

 

[the_randomizer]

Not taking any chances, even though I hardly use it. Changed password.

 

[Walker D]

Was Paypal accounts also affected by the attack? (paypal's press page was changed by the hackers too, it seems)

 

[DigitalDeviant]

Password changed as well. I do wonder of paypal could be affected as well.

 

[Qtis]

Was Paypal accounts also affected by the attack? (paypal's press page was changed by the hackers too, it seems)

As a precaution, I'd change all passwords used in any service operated by eBay inc. Luckily the cc data should be encrypted, but that doesn't mean much if the hacker somehow gained access to the keys or managed to crack it due to stupid hashes from passwords such as qwerty or 123456..

 

[joelv6]

how they even get hacked??

 

[Qtis]

how they even get hacked??

Employee passwords with access to user data.
http://mobile.theverge.com/2014/5/2...mers-to-change-passwords-after-massive-breach

 

[mrtofu]

deleted

 

[PolloDiablo]

now we can have homebrew on our Ebays! oh, wait....

 

[Walker D]

Crap ..change paypal password is more of a pain (I need to confirm my creditcards or something for it..) ...thank you hackers for brightening my night..

 

[Qtis]

Also by now it should be obvious, but I'd recommend everyone to get a password manager such as 1Password. Using unique random generated passwords on each website means changing only one password if a website is breached. You only need to remember the master password for your credential vault. Not that much to be spent for the added security.

 

[mrtofu]

deleted

 

[Bladexdsl]

great now i have to change my paypal password too....now what to fucking use i've used everything!

 

[Hells Malice]

So now hackers know a password even I am not certain of.
...yeah without auto-login I can't get on my account.

I'll look in to it. So basically, use random passwords for everything but keep them under 1PW? But what if 1Password gets breached?

Any recommended PW generators?

KeePass

Free, easy to use, and I should REALLY stop being too lazy to use it.
Anyway, it'll keep, store and generate passwords. Can put in your own, or let it generate one for you. Lots of features for a free program.

 

[Cartmanuk]

Is PayPal safe I noticed I couldn't log in there either so check you passwords for all eBay company's.






Company
Up4Sale.com
Butterfield & Butterfield
Billpoint
Kruse International
Alando
Blackthorne
Half.com
Precision Buying Service[note 1]
Internet Auction Co.
iBazar
PayPal
CARad.com
EachNet
mobile.de
Baazee.com
Craigslist[note 2]
Marktplaats.nl
Rent.com
Loquo
Gumtree
Shopping.com
OpusForum.org
Skype Limited[note 3]
Tradera
StumbleUpon[note 4]
StubHub
GittiGidiyor
Meetup.com[note 5]
Fraud Sciences
Bill Me Later
dba.dk & bilbasen.dk
Positronic Inc.
Magento
RedLaser
Milo.com
GSI Commerce
Where, Inc.
Zong
The Gifts Project
Hunch
Zvents
Svpply
Decide.com
Braintree
Bureau of Trade
Shutl
PhiSix Fashion Labs

 

[Bladexdsl]

wtf ebay owns gumtree??!