The Internet Bleeds Again: eBay Hack Confirmed
Last week, it was rumored that eBay’s corporate network was hacked. Later in the week, eBay confirmed the attack. This leads to more speculation on how safe the Internet actually is, especially in the aftermath of the Heartbleed bug.
Early last week, PayPal, which is owned by eBay, posted on its corporate blog a post titled “eBay, Inc. to Ask All eBay Users to Change Passwords.” Oddly, the post had no body content and only showed the title. The post was soon taken down from PayPal’s site.
eBay would go on to post information about the hack on its official blog on May 21, and the company asked all users to change their passwords, confirming that the site had been compromised.
The post explained that the breach of eBay's database happened in late February and early March. It’s strongly believed that users' financial information was not accessed, but customers' names, email address, physical addresses, phone numbers, and other personal information became available to the hackers. From eBay's blog post:
After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.
Following news of the hack, Twitter blew up, rumors hit the Internet, and shares in the stock dropped, albeit slightly. But what is more important than online backlash or a dip in share price is that with nearly 145 million customers possibly affected, this security breach could turn out to be the biggest exploitation of a security flaw since last year’s Target data breach.
So, how safe is the Internet, really? Dan Kaminsky, an Internet security expert and chief scientist at online fraud detection agency White Ops, explained to the Chicago Tribune that hackers have the tools to get into nearly any network, predicting that eBay may not be the last big security breach of this year. About the hacking of eBay and the current state of Internet security, Kaminsky said, “Five hundred of the Fortune 500 are under constant attack. Everybody is getting hit.”
If online security is really as fragile as Kaminsky believes, then it may not be long until another major corporation finds itself in a similar situation. And the data bleeding continues.
