According to a report by The Wall Street Journal, eBay has today asked over 150 million of its active users to change their passwords following a cyberattack that compromised a database containing encrypted passwords and other data. Fortunately, the database did not include any financial data, announced the company, adding that sensitive financial data is stored on a separate, more secure network.
eBay says that compromised database includes passwords, email addresses, physical addresses, phone numbers and dates of birth. The company, which has 145.1 million active buyers and also has 148.4 million active registered accounts on its PayPal operation, has said that “extensive tests” have confirmed that there was no evidence of access to financial or credit card information.
“The attackers gained access to the company’s corporate network by compromising some employees’ login credentials, eBay said. The cyberattack occurred between late February and March, the company said, although it said the compromised employee credentials were detected about two weeks ago.
Ebay said it is investigating the breach along with law enforcement and security experts. The company also said it would encourage users who used the same password on other sites to change those passwords, as well.”
The company has further assured that there is no evidence that the compromise led to any unauthorized activity for users.