Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

eBay denies security breach led to posting of user data

EBay rejects notion that yesterday’s posting of eBay user information and credit card data is link to a system break-in.
By Ellen Messmer , Network World , 09/26/2007
  • Share/Email
  • Tweet This
  • Comment
  • Print

When the names and personal information of 1,200 eBay users, along with credit card numbers, suddenly appeared yesterday on eBay’s Trust & Safety Discussion Board where public comment is shared, eBay responded by immediately shutting down the discussion board.

In the hours that followed, eBay’s security team launched an investigation to determine whether the information on the 1,200 eBay users could be linked back to a hack of the eBay computer systems. Because some have questioned whether eBay was covering up a break-in, eBay is now undertaking to explain why it does not believe the incident is tied to any breach of its systems. EBay also is working to contact each of the 1,200 affected eBay users individually by phone to explain the situation to them.

When Good Applications Go Bad : View now

“EBay’s servers were not breached,” said spokeswoman Catherine England, noting that eBay has determined the credit card numbers posted yesterday with the 1,200 eBay user names are not identical with credit card information that eBay stores.

“This credit card information was not associated with any financial information kept on file at eBay or PayPal,” she said.

Related Content

EBay doubts that these credit card numbers are valid, and research is supporting the idea it probably isn’t, eBay stated today.

“This could be a variety of phishing or identity-theft scam,” she said about the incident, noting that eBay has more than 241 million users worldwide. “We’re often targeted by fraudsters and phishers.”

EBay is in the process of contacting by phone each of the 1,200 users to notify them of the incident on the eBay Trust & Discussion Board, which has now been returned to service for its main purpose.

“To ensure the safety of our members, we are in the process of proactively contacting members by phone, so that if the information is valid somehow – regardless how this fraudster acquired the information – these members can take the steps they need to take to protect themselves,” stated eBay spokeswoman Nichola Sharpe in an e-mail.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Comments (1)
Login
Forgot your account info?

RE: eBay denies security breach led to posting of user dataBy Kim on September 27, 2007, 1:51 amebay has always denied security breaches and has always claimed that there is never stolen merchandise for sale on ebay (although they have never said how, as a...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed