eBay Slammed for Delayed Action on Major Security Flaw
By Ma Evelyn Castino Quilas | May 23, 2014 11:34 AM EST
American multinational e-commerce company eBay was slammed for the company's delayed action on the major security flaw that affected 128 millions of users for the past three months.
The biggest online marketplace just issued a press release about the cyber attack on Wednesday even though the incident started between late February to early March.
According to an article from Daily Mail, Chairman of the Commons home affairs select committee Keith Vaz stated: "'We have urged companies to take much more seriously the threat of hacking. It is inexcusable that a company as important as eBay has failed to inform its customers immediately that this has occurred. We need a full explanation. 'We will be writing to them to ask how this happened and whether this problem has been resolved.'
In a press statement released by eBay, the company mentioned that the compromised information includes the customers' name, encrypted password, email address, physical address, phone number and date of birth. It also mentioned that the log-in details of some employees were also hacked allowing attackers to illegally access eBay's corporate network.
The online auction site further mentioned that there is no evidence that Paypal accounts were affected by the biggest internet raid of the century. The press statement also mentioned that nobody touches their user's money all these time.
The company then asks their million users worldwide to change password immediately. "Beginning today, eBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it is also encouraging any eBay user who utilized the same password on other sites to change those passwords, too. The same password should never be used across multiple sites or accounts," says the press statement.
The ironic revelation of major hacking incident in eBay took place just days after the site was mentioned in a study conducted by Dashlane as one of the popular sites which is susceptible for internet threats.
According to Dashlane's second password security roundup conducted after Heartbleed bug, eBay obtained only a security scored only +30 which is way below the +50 minimum requirement score for adequate password policies. The company was also cited for its unsafe practice of not locking the user's account after 10 incorrect password attempts giving hackers a freeway to do their thing of stealing user's information.
Even though eBay users have already changed their password, the hackers have already taken hold of the user's personal information. There is still a probability that these data will be used for identity fraud after the major security flaw took place. As iboss Network Security Chief Executive puts: "eBay was the golden goose of 'hacking targets' due to the sheer amount of information which is held."
To contact the editor, e-mail:
Join the Conversation
- 5 Proofs Russia is Geared-Up for Shooting War with U.S. and Can Win Future Nuclear Showdown
- Target’s ‘Surprise Doorbusters’ Black Friday 2014 Deals On TV Sets, Entertainment Centres, DVD Players And More
- IKEA Black Friday 2014 Ad Includes Discounts On Home Furnishings, Appliances, Kitchen Designs, Beds, Sofas, Mattresses And Toys
- T-Mobile’s Black Friday 2014 Deals On Apple iPhone 6, Samsung Galaxy Note 4/Edge, Nexus 6, HTC One M8, LG G3, iPad Air 2 And Mini 3
- ISIS Drug Transit From Afghanistan To Europe Confirmed By Russia: Money Goes Into Terror Funding And In New Recruitments
- Bill Clinton At It Again, Caught By Camera In Jerusalem Peeking At Woman’s Breast
- Walmart Canada Black Friday 2014 Ad For Nov. 28, 2014 Up To Dec. 1, 2014 Includes Savings On The iPad Mini 16GB And The Beats Solo HD Drenched Headphones