The online giant eBay Inc has been hacked which has resulted in loss of encrypted passwords and other data.
In what is being considered as the 2nd largest attack in U.S history more than 145 million EBay users have been affected. The data stolen includes encrypted passwords, names, email addresses, addresses and phone numbers too. Although, the company says that, no financial data or credit card numbers have been stolen.
EBay was breached between February and March by hackers who first targeted a small group of employees and got their log-in details which got them into the corporate network. The breach was identified only in May after which the company immediately got security experts and law enforcement to look into it, said Miller.
The attack took place two months ago but the company is urging is users now to change their passwords and also not use to the same password elsewhere. If they have used the same password on other sites then they must change it as well.
”We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace,” reads a company statement.
There are chances that if the encrypted passwords have been decrypted by the hackers then they can take over other account of users across the web where they have the same username and password.
EBay spokeswoman Amanda Miller said that the passwords stolen were encrypted and that the company had no reason to believe the hackers had broken the code that scrambled them.
EBay was using details encryption which is the easier of the two methods hashing and encryption used for protecting passwords. Since it is possible that the passwords may be accessed it is better that user’s take precaution and change their passwords at the earliest.
The EBay hacking episode is that latest and the 2nd largest in the history. Earlier Adobe Systems was hacked which resulted in 152 million users being affected and recently mobile operator Orange was hacked too affecting 1.3 million customers.
The series of attacks have been increasing at an alarming rate and the privacy of users is at huge risk as there is no assurance of any sorts with respect to their data being safe with a company.
