eBay hacked, passwords stolen

eBay buyers are being urged to change their passwords as soon as possible to avoid being vulnerable to hackers.
Learn more

01.Consumers have been urged to change their eBay password

Laptop with eBay on the screen

E-commerce and auction site eBay has announced it came under cyberattack between February and early March this year, with hackers stealing users' personal details and passwords.

The company, which discovered the attack in May, is now urging its 145 million active buyers to change their passwords as soon as possible. eBay says credit card details and PayPal accounts have not been compromised, and claims the unauthorised access has now been shut down.

How did this happen?

According to eBay, the attack was made possible after employee log-ins were compromised.

What information was accessed?

The attack was on a database that contained users' personal information. This included:

  • customer name,
  • encrypted password,
  • email address,
  • physical address,
  • phone number, and
  • date of birth.

What should you do?

Change your eBay password as soon as possible, and if you use the same password for eBay and another site (which is a bad idea, as it means that if hackers crack one of your online accounts, they can get access to others too), change your password on any other site on which you use it. If you're having trouble remembering all those passwords, check out our review of password managers, which can help keep your online life secure.

What will the hackers do with the passwords?

The good news is that the stolen passwords were encrypted, so it would take significant effort and skill to be able to decode them into actual passwords. But just because it isn't easy, doesn't mean they won't be able to do it.

What’s next?

eBay says it has improved its site security and is working with law enforcement to resolve the issue. But they’ve issued this warning: “Following a cyberattack of this nature, it is common that fraudsters will try to exploit well-known brand names like eBay in an effort to obtain personal information. They attempt this fraudulent activity through phishing emails, texts, phone calls and fake websites.” So be on the lookout for anything phishy.



Sign up to our free

Receive FREE email updates of our latest tests, consumer news and CHOICE marketing promotions.

Your say - Choice voice

Make a Comment

Members – Sign in on the top right to contribute to comments