The high-profile eBay data breach has already led to a multi-state investigation, and now cybercriminals are trying to exploit the breach for their own personal gain. A person claiming to have the stolen database of all compromised users and passwords online for 1.45 (about $760) bitcoin isn't providing a legitimate information, according to eBay.
The 3,000-row file has Asia-Pacific usernames, addresses, phone numbers and dates of birth for users - but that doesn't appear to be true. A "free sample" with reportedly extracted names of more than 12,000 accounts "are not authentic eBay accounts," according to eBay.
"It is always tough to tell whether the data is genuine in situations like this," said Rik Ferguson, Trend Micro global VP of security research. "The email addresses I have tested so far do not appear to be sourced from previous breaches."