eBay Stays Silent About Security Issue

Did a hacker get into eBay? Was the credit card and contact information posted accurate? eBay won’t say.
In the past couple of weeks there has been some major concerns about hackers getting into eBay. If you search for “eBay” on YouTube, you’ll see a number of videos supposedly showing a hacker with access to someones account posting fake items stretching back throughout the year. Whether these are real or not is unknown.
During the last week of September, a hacker posted on the Trust and Safety Boards posing as about 1200 eBay Users posting their contact information and credit card information. According to eBay, “The fraudster made these posts in a way that was intended to appear as though he logged in with their accounts.  The posts contained name and contact information, which appears to be valid, and could have been secured as part of an account take over.” However, they claim that the credit card information was “not associated with financial information on file for these users at eBay or PayPal.” 
The original announcement was only posted to The Chatter blog page, not to the Announcments Board. I personally think this is a big issue, and one the few people who found the discussion board mentioned in The Chatter agree with. Unfortunately, only 17 people have posted to that board. One wonders about the other 1183 users. eBay claims to have contacted all users who were on the list via telephone, so I hope you have your phone number updated in your eBay records.
Auctionbytes has been covering this story and has heard from a number of users. It seems there has been more discussion on the Auctionbytes blog than on eBay itself.
I’m really concerned that eBay has not posted an actual announcement about this. In The Chatter it says that more information would be posted as it was discovered. This was September 25th, we’re now at October 6th and eBay has stayed completely silent on this particular issue.
Yesterday there was a post on the Announcement board from Scott Shipman with the title “eBay and your Privacy.” Finally, I thought, some new information. But no. This was about AdChoice, and how eBay users can choose to have the advertisements they see on eBay tailored to their interests (which is determined by eBay based on previous eBay activity). Frankly, I think eBay users are a little less concerned with tailored advertisements right now, and a bit more concerned about if their personal information was posted for all to see. But still, nothing new from eBay.
There is another thread on the eBay trust and safety board about specific issues within user’s accounts. Auctions being canceled, users being listed as NARU, etc. Yes, these account takeovers could have come from a user falling for a Phishing scam, but from the comments on there, it looks like it may not be the case. Who knows if this is real or not. Since eBay is keeping quiet, all we can go on is these user’s words. And no, eBay doesn’t reinstate auctions or the bids that will be lost if an auction is cancelled.
My advice? Be extra vigilant, check that your name is not on the list and change all passwords. If your name is on the list, you should have been contacted by eBay already. If not, contact them ASAP via Live Help.

Leave a Reply

Your email address will not be published. Required fields are marked *