E-Commerce giant eBay has confirmed that one of its databases was compromised by a cyberattack between late February and early March 2014. As a result, the company is asking users to change their account passwords.
The database contained personal information including customer names, passwords, dates of birth, phone numbers, home addresses and email addresses. The company said there is no evidence of unauthorized access to financial or credit card information, which is stored separately in encrypted formats, according to an announcement on the company blog. There has been no indication of increased fraudulent activity on the eBay site.
“Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers,” the statement noted.
Evidence of compromised employee log-in credentials was first discovered approximately two weeks ago. Subsequent forensics then identified the compromised eBay database.