This morning, eBay announced that its internal and customer databases were compromised earlier this year. Sometime between February and March of 2014, hackers managed to compromise a number of employee accounts and were able to obtain log-in credentials that allowed them to access eBay's internal and customer databases. eBay says that the security breach remained undetected until just two weeks ago.
Customer information was stolen, and included log-in information, email addresses, encrypted passwords, physical addresses, phone numbers and date of birth information. Fortunately, the database that stores customer financial information was not compromised, and all of that information remains secure. eBay is however urging every account holder to change their passwords as soon as possible, and personally, I would suggest changing your PayPal password as well even though it was not part of the breach.
"Information security and customer data protection are of paramount importance to eBay Inc., and eBay regrets any inconvenience or concern that this password reset may cause our customers. We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace," eBay said in a statement. "Beginning later today, eBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it also is encouraging any eBay user who utilized the same password on other sites to change those passwords, too. The same password should never be used across multiple sites or accounts."