| Author |
 Replies: 21 / Views: 5,372 |
|
Moderator
 Canada
10456 Posts |
"Discovery follows discovery, each both raising and answering questions, each ending a long search, and each providing the new instruments for a new search." -- J. Robert OppenheimerContent of this post is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License. See: http://creativecommons.org/licenses...0/deed.en_USMy eBay store
|
|
|
|
Pillar of the Community
United States
3121 Posts |
It appears it's only ebay and NOT PayPal.. Here's an update in the 2nd article... Quote:UPDATE (10 am EST): PayPal spokesperson Jennifer Hakes told EcommerceBytes ebay will only be asking its user base later today to change passwords. "Extensive forensic research has shown no evidence of unauthorized access or compromise to personal or financial information for PayPal customers," she said. "PayPal customer and financial data is encrypted and stored separately, and PayPal never shares financial information with merchants, including ebay. PayPal account holders should consider changing their passwords only if their credentials are the same as those they use for ebay." |
|
Pillar of the Community
United States
1295 Posts |
Yikes! Thanks for the info; I hadn't seen anything about this. My ebay password has been successfully changed. |
|
Pillar of the Community
United States
3453 Posts |
|
|
Pillar of the Community
United States
4409 Posts |
I changed mine a few minutes ago after reading this, better safe than sorry.
-MV
|
|
Pillar of the Community
United States
964 Posts |
Here is the thing: If they get your password from ebay, the hackers will try and use that password on any account you have to see if you use the same password for every account you have online!! Just an FYI and if you are asking, "How do they know my other accounts online?" I'll ask you this. "How did they hack ebay?" They are smart. Edited by Mr Click
05/21/2014 2:57 pm
|
|
Moderator
United States
188130 Posts |
Never, ever reuse passwords on multiple sites. That is security 101.
|
|
Pillar of the Community
United States
1804 Posts |
pishpash.............. Quote:
Domain555, they said that paypal wasn't affected, hope everything is ok with you. So far so good. Thinking about wiping my paypal funds down to *ZERO* .... plus a very few dollars. |
|
Pillar of the Community
United States
964 Posts |
JBuck, I agree. But some people do it, because they can't remember all their passwords. That's why I said something.  |
|
Bedrock of the Community
United States
19943 Posts |
They got names and encrypted passwords, not much they can do with that info and I doubt there's much cause to worry.
|
|
Pillar of the Community
Canada
519 Posts |
For all you fellow Canucks interested in case law concerning privacy Google: intrusion upon seclusion.
|
|
Bedrock of the Community
 United States
12817 Posts |
Yep... lots of concern and hype out there these days. But of course you have to sympathize with the companies. Look at Target and what happened to their stock (allegedly) because of that infamous data breach. Due to potential litigation and potential loss of consumer confidence, companies have to jump all over things like this.
And all we heard about Target and the other retailers was the breach itself. Did anything ever happen as a result? Was misappropriated cardholder data ever used? Hard to say and who knows with our media.
Oh and Heartbleed. Major scare. Um... one story about a successful attack? I never heard one.
Swine flu.
SARS.
Mad Cow.
Yes, all potential threats. But vastly overestimated and hyped by media, auditors, and alarmists.
Don't get me wrong - you should always change passwords periodically. As someone said, that's Security 101.
[edit: didn't finish my thought]
Edited by CelticKnot
05/22/2014 04:20 am
|
|
Pillar of the Community
United States
3453 Posts |
Quote:
Swine flu.
SARS.
Mad Cow. Quote:
Don't get me wrong - you should always change passwords periodically. As someone said, that's Security 101. And wash your hands.  I had a friend in California who had decent passwords. But someone, with minimal information (readily available on the internet, socially engineered a tech supporter from Apple to help "her" change her password. From there it was on to the Amazon passwords (with another phone supporter's assistance) and THEN the lovely individual started wiping out her family's computer and phones. By the time the computer was wiped, she realized something was wrong and shut down the phones. The bottom line is that even with her precautions, all it takes is a weak (usually human) link to start a chain reaction. Users and corporations need to become more cognizant of their digital surroundings and act when something seems "off", not when things start blowing up. My understanding of the ebay case is that employees credentials were stolen and they worked their way through the servers for several weeks until they found what they took. It was a couple of weeks before an employee realized the credentials were stolen. Were there warning signs before he/she figured that out? Probably but they may have been ignored because nothing was blowing up. The hackers took what they took for a reason. They may not break the encryption fast enough to cause significant harm; but if they do break it, they have learned something valuable enough to make the exercise worth it. |
|
Pillar of the Community
United States
8516 Posts |
I wonder why they waited a cpl months to tell everyone ?
Oregon coin geek.....*** GO BEAVS ! ! ! ***
|
|
Pillar of the Community
United States
3453 Posts |
I think ebay reported it as soon as they realized it but time was lost since the credentials were in use. |
|
Bedrock of the Community
United States
17884 Posts |
Quote:
But some people do it, because they can't remember all their passwords. Very true, I have over 50 ID's and passwords to remember. |
| |
Replies: 21 / Views: 5,372 |
Posted 05/21/2014 11:28 am
