New York: E-commerce company eBay Inc said client identity information including emails, addresses and birthdays was stolen in a hacking attack between late February and early March.
eBay urged users to change their passwords after the attack on a database that also contained encrypted passwords, physical addresses and phone numbers. The company said it found no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats.
eBay shares fell as much as 3.2 percent on Wednesday morning after the latest high-profile hacking attack on a U.S. company. “For the time being, we cannot comment on the specific number of accounts impacted. However, we believe there may be a large number of accounts involved and we are asking all eBay users to change their passwords,” eBay spokeswoman Kari Ramirez said.
eBay said it was investigating the breach and working with law enforcement agencies. The company also said it had not seen any indication of increased fraudulent account activity on eBay and that there was no evidence that its online payment service PayPal had been affected in the attack.
The attack on eBay was made through compromised employee accounts that allowed unauthorized access to its corporate network, the company said in a statement. It said the breach was first detected about two weeks ago. “The real key question going forward will be if any money has been stolen, or any unauthorized activity been performed,” Wedbush Securities analyst Gil Luria said. “As long as this is not the case, this thing will come and go and will not be an issue for eBay,” Mr Luria added.
eBay has been attacked before. In February, hacking group Syrian Electronic Army breached and defaced websites belonging to PayPal UK and eBay.
