Don’t hurry off to buy stolen eBay customer data just yet

eBay Customer Account Personal Data

eBay on Thursday acknowledged that some of its customers’ personal information may have been compromised following a breach, advising users to immediately change their passwords. The announcement has apparently been enough for some creative individuals with malicious intentions to advertise online “full eBay database dumps,” masquerading as the hackers that conducted the cyberattack. However, TechCrunch reports that eBay says those databases are fake, and the for sale lists do not contain “authentic eBay accounts,” which is very good news for eBay consumers whose personal data may have been exposed.

The database dumps are selling for Bitcoin, and target other people with malicious intentions ready to believe that what they’re purchasing is valid personal information. However, it looks like nobody has taken the bait yet, as the Bitcoin associated addresses have not received any payments.

Selling personal data on the black market is a common practice among hackers. Only recently, reports detailed cases where people purchased online credit card data stolen in the massive Target breach, and then used them to purchase goods. Some of these people have been apprehended by law enforcement agencies.

As for the eBay hack, it’s not clear how many accounts were compromised, and whether customers were affected in any way. The company says that the best way for customers to protect themselves is to change their passwords if they haven’t already done so. TechCrunch notes that a traffic-related software glitch prevented some eBay users from changing their passwords yesterday.

A recent report from avast revealed that Internet users are rather lazy when it comes to changing account passwords following security threats, encouraging users to act immediately whenever there’s suspicion of an Intenet account breach.

Source:
eBay
blog comments powered by Disqus