Ebay Hack has Huge Implications

MONEY talks, Growth Hackers Hack..

Ebay users’ account details have been compromised in a major security breach, and this could have a huge effect on its payment arm, PayPal, and the web at large.

Amanda Miller, an eBay spokeswoman confirmed that 145 million records containing personal information including addresses, email addresses, and encrypted passwords were stolen.

Hackers obtained the credentials of employees to gain access to company databases storing this information.

Financial information such as credit card data was not compromised.

Though eBay had sent out a warning to its 223 million users to change their passwords regarding the hack, which was discovered in early May, the security breach could have implications outside of eBay.

For one, since PayPal and eBay are so closely linked together for payments, these stolen credentials may be used to gain access to a user’s PayPal and online bank accounts.

While the passwords were protected with “sophisticated” encryption, said Amanda Miller, previous cases have shown that given enough time and a powerful enough computer, these protections can be brute-forced.

Since the average consumer often reuses passwords, these victims would face not only having their PayPal accounts being breached, but also any other site where they use the same login credentials.

As we’ve seen with the Heartbleed bug in OpenSSL encryption that was discovered in April, and the Target breach during the holiday shopping season last year, hackers will take advantage of any weak link in the chain.

Ebay advises their users to change their passwords, which may lessen the risk for cases of fraud if those encrypted passwords ever do get cracked.

With reports of security breaches popping up seemingly every week, consumers must be weary and above all, vigilant in who and what services they trust to handle their most sensitive details.