Prime Factors Blog

Breaking news -- eBay users advised to change passwords

Posted by Jeff Cherrington on May 21, 2014 12:00:00 PM

A post early this morning to the PayPal community and press pages alerted eBay customers to change their passwords without providing any additional explanation.  Additional detail continues to appear as the day wears on.

The latest information is found on PayPal Community page advising eBay customers to change passwords, going on to say there are no indications yet of compromise of customer information.  The statement says that a cyber-attack compromised a database of encrypted passwords and other non-financial data.  It sets an expectation that eBay will notify customers directly within 24 hours.

The discussion indicates that the financial and customer data are stored and encrypted separately, a best practice that should be applauded if true.

If you've ever haunted an auction to snipe in that final winning bid or, like me, clicked on "Buy Now" button, look for an email and expect to change your password promptly.

Hmmmm.  After the recent announcement about the OpenSSL exploit, requiring a change of passwords, and now this, there has to be a market emerging for the automated password replacement application.  Anyone have any candidates from the offerings already in the market?