The e-commerce site verified Wednesday that its business network was compromised along with a database with users’ passwords. Whilst eBay states there’s no proof that users’ financial information was reached in the hack, the company is telling all users to modify their passwords.
eBay first got in touch with CNET following this story was first revealed, saying it uncovered “recently” it had become a victim of “a cyber attack on our corporate information network, which compromised a database containing eBay user passwords.” The company’s spokesperson told CNET there is “no evidence that any financial information was accessed or compromised.”
The statement follows an odd stream of events this morning when eBay-owned PayPal posted a blog entitled “eBay, Inc. to Ask All eBay users to Change Passwords.” The blog article provided nothing but the title, but rapidly hit the Web after it had been retweeted many times. The blog post was then taken down from PayPal’s site, leading to a lot more confusion for users of the online auction house.
eBay has now published information about the hack on its blog. The organization asks all users to change their passwords starting later on Wednesday.
eBay said it detected the hack two weeks ago and engaged in forensics activities to determine what database was compromised and what was stolen. The company narrowed down the attack to “a small number of employee login credentials” stolen by cyberattackers, which it said provided access to eBay’s corporate network.
eBay shares are down 1.73 percent, or 90 cents, to $51.06, following news of the hack.