June 3, 2014 No Comments-
eBay – the world’s largest online auction house – has been hacked. The criminals managed to gain access to the company’s database and download information on all 145+ million users. If you use eBay, here’s what you need to know:
Your password was stolen, but it’s not too bad
The hackers have now got a copy of your password. However, eBay’s passwords are encrypted on the server, so the hackers will have to unpick that puzzle before they’ll be able to see what your actual password is. At the moment, even a password as simple as “password” will look something like this to them: 2F$£G$%g45gedfdDDFDgG%4gRgTR. So while they may have your password, it’s mostly useless at the moment.
What you should do: Change your password on eBay and on other websites (if you reuse the same password in multiple places). Although the hackers will find it hard to unencrypt your password, if they do manage it, it could be very dangerous for your personal information.
Your payment information is safe
None of your payment information was stolen, so you don’t have to worry about fraudulent payments or mysterious TV purchases in the Cayman Islands.
What you should do: Remember to use your credit card rather than your debit card when purchasing on the internet, as most countries have credit card protection regulations, but not ones for debit card.
Your name and address were stolen
The hackers now have your name, date of birth and home address.
As an eBay user myself, this makes me feel really uncomfortable, even though I know that to the criminals, my address is just one of 145+ million. Realistically, the hackers won’t turn up at your door just because they know your name. However, this information can be combined with the next piece to make you vulnerable to online attacks.
What you should do: Don’t worry about this too much.
They have your email address
You may already get SPAM and advertising emails, but you can now expect to get a few more thanks to this leak. Criminals make a lot of money by selling email addresses to people who then send advertisements to the email accounts. For the spammers, if just 0.1% of those 145mil people buy a product from the emails, it was a profitable deal for them. Criminals will also use your address for “phishing” attacks – these are targeted emails that attend to steal your login details for various websites. For example, the criminals might create a program that scans social media for any email addresses that match their huge list. They could then monitor these accounts, and any time someone complains about, say, not being able to login to their online bank, they could email them pretending to be that service. By using personal details such as the user’s date of birth or address, they might be able to convince some people to respond to the emails with their online banking details. These are much more useful for criminals that simply personal data.
What you should do: Never purchase anything from a SPAM email, nor follow links from unsolicited emails!
Norman Safeground Blogs Archive