Something is not right. It was unclear at the time of this writing exactly what happened, but it looks like eBay may have been the victim of some kind of breach. The company is apparently preparing to instruct all users to change their passwords as soon as possible, as Engadget has found preliminary notices with a potentially troubling note.
On eBay-owned PayPal’s press site, a notice has been posted under the headline “eBay Inc. To Ask All eBay Users To Change Passwords.” At the time of this writing, the only text in the body of the post is “placeholder text.”
It’s unclear when eBay plans to update the notice or issue a press release on the matter, but one thing is probably pretty clear: Change your eBay password immediately.
UPDATE: eBay has confirmed it was the victim of a cyberattack and that encrypted passwords may have been stolen.
“eBay Inc. said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data,” the company said in a statement. “After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.”
The full statement can now be found on eBay’s website.