E-commerce giant eBay Inc (EBAY) revealed Wednesday that it suffered a massive cyber attack on its encrypted passwords database between late February and early March of this year. The auction site says that while it has not seen a jump in fradulent activity, it acknowledges the data breach may have affected many of its 148 million active accounts. eBay however, noted that passwords were encrypted and are virtually impossible to be deciphere, but as a precaution is urging its users to reset the passwords on their accounts.
“The database…included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth,” eBay said in a statement on its corporate blog. “However, the database did not contain financial information or other confidential personal information.”
The company isn’t specifying an exact number of the effected accounts — or even how many users had information stored in the compromised database. But an eBay spokeswoman said the hack effected “a large number of accounts.”
Meanwhile, the compromised database doesn’t seem to have impacted eBay’s PayPal users. The online payment service noted that PayPal information is stored separately and information is not shared with eBay or other merchants.
“Extensive forensic research has shown no evidence of unauthorized access or compromise to personal or financial information for PayPal customers,” PayPal stated.
This is not the first time, and probably won’t be the last, eBay has been hacked. Back in 2007 a hacker from eastern Europe reportedly exposed the financial details of 1,200 users.
Shares of eBay reached an intraday low of $50.30 in early trading on the Nasdaq before recovering to $51.64 by midday. The ticker closed at $51.88 on Wednesday.