Ebay is asking its 145 million users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords “and other non-financial data.” According to a press release issued by the online auction and payments company, it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats.
The company still wants users to change passwords “as a best practice and will help enhance security for eBay users.”
By compromising a “small number” of employee log in credentials, the hackers had unauthorized access to eBay’s corporate network, the company said.
The database was compromised between late February and early March and included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. “The database did not contain financial information or other confidential personal information,” according to the company.
The company said it has seen no indication of increased fraudulent account activity on eBay. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.
Find helpful information on SmallBusiness.com about ways you can improve your online security.