If you have an eBay account, then you may very well know that few months ago eBay had fallen victim to a cyberattack. Though, eBay is trying hard to urge its users to immediately update their login passwords, most of them are still wondering how safe is their data and what exactly they are supposed to do to prevent it from getting compromised.
The attack actually took place between the months of February and March. However, the irony is that it was only until the month of May that the eBay staff came to know about such a breach. It is assumed that the hackers spied on usernames, physical addresses, email IDs, date of births and phone numbers through an internal “eBay Corporate Account”.
Although, the hackers succeeded in gaining access to passwords, they failed to decode them, as all the passwords were in an encrypted form.
The representatives from eBay in one of their statements revealed that they literally have no idea about how many accounts were actually seen by the hackers, and they are in no position to comment any further on that.
However, they stressed on the fact that no financial info was compromised, and the hackers penetrated the system via employee login info only.
This episode has raised eyebrows in the industry, and most of the experts fear that such incidents may spread beyond eBay, as most of the individuals use same password in multiple sites.
At present it is hard to scale the magnitude of this breach, but as a safety measure users are recommended to immediately change their passwords, and avoid using the same password on other sites.
In fact, few weeks before this incident a major encryption flaw known as the “Heartbleed Bug” infected several popular sites including Facebook and Gmail too. It may come as a surprise to you, but this bug was operating since past couple of years and it was until recently when the authorities came to know about it.
The Heartbleed bug was responsible for exposing credit card numbers and passwords. According to a survey done by Software Advice, it was found that only 33% internet users had actually updated their passwords.
Hackers are smarter these days, as they make their move slowly and remain undetected. For instance, if we talk about the “Target” incident, the hackers took enough time to find out their weak entry point, like stealing leverages credentials from an employee of the organization and then using them on the behalf of that employee. Such a breach is almost impossible to detect.
There are high chances that in future we may come across several similar incidents, and as an online user it becomes our duty to protect our valuable data with a better password management.
We must update our passwords on regular basis (every six months) since sites like eBay provide customer information that can easily be used to cheat customers through phishing scams. Moreover, using symbols, numbers & letters in a password ensure a strong password, which is hard to decode.
For more information, visit us http://fraud.net