PFollow Lifehacker

RELATED BLOGS
CHACKERSPACE
CAFTER HOURS
CTWO CENTS
BLOGS YOU MAY LIKE
DEADSPIN
GAWKER
GIZMODO
IO9
JALOPNIK
JEZEBEL
KOTAKU
LIFEHACKER
diegolm
eCompose post
MY ACCOUNT
^Private view
GAccount Settings
8Logout
MY BLOGS
Cdiegolm
SEE ALLNOTIFICATIONS
TRENDING ON RELATED BLOGS
Clever Gamer Dresses Up As An Enemy In Dark Souls II, Confuses Everyone
2.9k people reading on Kotaku
RECOMMENDED BY ALAN HENRY
Make Your Own Deodorant to Avoid Allergies and Control Ingredients
eBay Hacked, Change Your Passwords Now
Loggr Lets You Roll Your Own Health, Fitness, or Habit Tracker
Build an All-In-One Raspberry-Pi Powered Portable PC
Change Your Relationship with Time to Manage It More Effectively
Xposed Framework Updates, Adds Mod Details and Risks Before Install
What's the Best Way to Move a Desktop Computer?
Commit An Hour a Day to Improving Your Skills at Work
Book Weddings in Parks or Museums to Save Big (and Get a Tax Break)
This Wall-Mounted Standing Desk Offers Storage and Flexibility
Five Best Book Recommendation Services
BillGuard Alerts You When a Retailer or Bank You Use Is Breached
Chorus Is a Powerful Web-Based Remote Control for XBMC
This DIY Bar Shelf Is Made from Reclaimed Pallet Wood
Slyde Is a Fast and Flexible Floating App Switcher for Android
The Slowmo Desktop
The Best Serving Temperatures for Wine (and How to Chill It Quickly)
Boil Eggs in a Coffee Cup, and Other Office-Friendly Food Hacks
Why Should I Buy a Hotspot When I Can Just Tether to My Phone?
S
eBay Hacked, Change Your Passwords Now
17,306g51
alanhenry
Alan Henry
ProfileFollow
Alan Henry
Filed to: HACKED
SECURITY
PASSWORDS
EBAY
NEWS
52 minutes ago
EShare to Kinja
jShare to Facebook
iShare to Twitter
rGo to permalink
eBay Hacked, Change Your Passwords Now
SEXPAND
If you have an eBay account, it's time to change your password. The company rele
ased a statement today saying their internal and customer databases were comprom
ised earlier this year, and starting today they'll prompt everyone to change the
ir passwords.P
Attackers made off with names, addresses, email addresses, phone numbers, birth
dates, and of course, encrypted passwords. eBay explained that financial info li
ke credit card numbers and other sensitive data (like PayPal accounts) are kept
in a separate encrypted database which wasn't compromised. They also said they'v
e found no evidence of unauthorized access or activity by registered eBay userswh
ich is code for "we don't think anyone's used these passwords yet." According to
the statement, intruders compromised employee accounts first, and used their ac
cess to get the data they really wanted. They discovered the breach about two we
eks ago, but the actual attack took place back in late February and early March.
P
To change your eBay password, log into your account, then click your name in the
upper left corner. Select Account Settings (or click here to go to it directly.
) Click "Personal Information" on the left side of the page, and "edit" next to
your password. P
As always, if you use the same password on multiple sites, first, change those t
oo, and second, stop using the same password on multiple sites. Instead, use a p
assword manager that generates and remembers strong passwords for all the sites
you use around the web. You can read eBay's full statement at the link below. P
How to Audit and Update Your Passwords After a Service Gets Hacked
When something like a password database compromise happens, it's a good time to
reassess your
Read more
eBay Inc. To Ask eBay Users To Change Passwords | BusinessWire via Boing BoingP
51 21Reply
Alan Henrys DiscussionsAll replies
Alan Henry's Discussion
camerongladman01
Camelot
ProfileFollow
CamelotUAlan Henry
25 minutes ago
PFollow camerongladman01
jShare to Facebook
iShare to Twitter
rGo to permalink
So, if they discovered it earlier this year, why didn't they prompt people... ea
rlier this year?
211Reply
alanhenry
Alan Henry
ProfileFollow
Alan Henry, HostUCamelot
18 minutes ago
PFollow alanhenry
jShare to Facebook
iShare to Twitter
rGo to permalink
No, apparently they discovered that their employee accounts were compromised two
weeks ago, and then found the extent of the damage that went back to earlier th
is year (Feb/Mar). At least that's the story.
1Reply
brek
brek
ProfileFollow
brekUAlan Henry
38 minutes ago
PFollow brek
jShare to Facebook
iShare to Twitter
rGo to permalink
So if I changed my password after heart bleed in April, I should be OK?
114Reply
alanhenry
Alan Henry
ProfileFollow
Alan Henry, HostUbrek
17 minutes ago
PFollow alanhenry
jShare to Facebook
iShare to Twitter
rGo to permalink
Ideally, yes, since the data was obtained in late Feb/early March, but it doesn'
t hurt to change it again. :)
11Reply
lhong1987
Rosilowlia
ProfileFollow
RosilowliaUAlan Henry
15 minutes ago
PFollow lhong1987
jShare to Facebook
iShare to Twitter
rGo to permalink
Am I the only person who is more worried that the attackers have names, addresse
s, email addresses, phone numbers, and birth dates?
That seems like a lot of data on a person.
21Reply
alanhenry
Alan Henry
ProfileFollow
Alan Henry, HostURosilowlia
10 minutes ago
PFollow alanhenry
jShare to Facebook
iShare to Twitter
rGo to permalink
I know, right? I was going to just say "encrypted passwords and non-financial da
ta," which is how eBay tries to put it in their release before they get into the
details - when I read the details, I was kind of surprised. It's funny that com
panies tend to keep all of this stuff in databases that aren't encrypted usually
, and tend to consider it non-sensitive.
111Reply
View all 21 replies
AboutHelpTerms of UsePrivacyAdvertisingPermissionsContent GuidelinesRSSJobs