eBay is the latest victim of a cyberattack and is urging all of its users to change their passwords. While the company assured users that there has been no evidence of unauthorized activity from eBay accounts due to the hacking, it strongly suggested that everyone change their passwords.
In a blog post Wednesday, eBay said that the cyberattack “compromised” a database with encrypted passwords and “other non-financial data.” It conducted several tests across its networks and eBay found no unauthorized activity or unauthorized financial access, since that data is stored in another database.
“However, changing passwords is a best practice and will help enhance security for eBay users,” eBay said.
According to CNet, eBay confused thousands of users by posting a blog post on Paypal’s blog with the headline “eBay, Inc. to Ask All eBay users to Change Passwords.” That link was also tweeted and retweeted several times before the post was deleted. Later, eBay posted the headline and a full announcement on its own blog.
eBay said that the attack was discovered just two weeks ago, although the post noted that it took place back in late February through early March.
“Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay's corporate network,” the company’s statement read. “Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers.”
eBay said that it will be sending out emails to every user to urge them to change their passwords. The company also reminded Internet users not to use the same password on different networks and sites.