eBay is starting to notify all its 112 millions of customers who need to change their password. The reason is that Ebay has suffered a serious cyber attack which compromise the data stored in its database,
including a list of encrypted passwords that were stolen by hackers. This means that they could potentially be decrypted and therefore accounts could be stolen.
In the post published on eBay (which bought some time and also controls Paypal) , announced that a company's database has been hacked putting at risk the encrypted passwords of users and also some non-financial data. According to surveys carried out by eBay there would be traces of unauthorized use, and even access to personal and financial data of users of PayPal. These data are stored separately, encrypted and never shared with third party companies or users.
In consequence of what happened, eBay is asking users to change their passwords as soon as possible.
Ebay ensures that the most sensitive data of users such as credit card numbers were not compromised (could be compromised just to access basic information such as name, email, telephone number, address and date of birth) in this attack, and the company has not found any evidence of unauthorized activity resulting from breach.
The attack occurred a little 'time ago, precisely tra fine Febbraio 2014 and the beginning of March 2014, when hackers were able to get a group of login credentials of employees, allowing a more extensive access to the data bank. Even after the attack, eBay was not aware of the compromise until two weeks ago and it took a detailed forensic analysis to discover all.
Recall that Paypal was NOT involved in a breach because the data Paypal are maintained on a separate network with high levels of encryption.
So whatever you want to do, is change your password to prevent account theft or identity or someone to do the illegal purchase and sale transactions on your behalf.