eBay Data Hack – Do More Than Just Change Your Password

ebay data hacked

There has been a lot of press over the eBay hack, in which their entire user database appears to a have been stolen and downloaded via a compromised staff password.

All the passwords were encrypted, but in a manner believed to be breakable, so the the key message has been to “change your eBay password”.

However, there are a couple of points that are of more importance than changing just the eBay password. Bear in mind this data was stolen in the January / February timescales – between 4 and 5 months ago. Its shameful that we’ve only been alerted now.

So, your attention needs to be focussed a bit wider than your eBay password. You need to assess your password policy and think identity protection.

Change it on eBay

Yes, change your eBay password – change it today. Make the new one a secure password.

If you’re not sure how to, log into eBay and go to My eBay > My Account > Personal information and click ‘Edit’ next to password.

Think. Where else did you use that password?

The vast majority of people use the same password in several places. If this was a ‘common password’ you need to update it everywhere is was used.

Did you use the same password for your email address? Well your email was in the eBay data, so now they’ve got that too.

Hackers will take a known password and associated email address, and try that combination on lots of websites and services to see if you have an account there too. And even if say your Twitter password was different, if they’re in your email they can request a password reset and change it to gain access.

Did you set a secret ‘answer’ to a security question? Mothers maiden name? Pets name? They’ve got that too. Anywhere else you’ve used it needs to be changed too.

While you’re changing all this data consider using a much strong password sstem altogether like LastPass which securely stores complex and srong passwords for all your logins and enters them for you. Each one can be different, highly recommended, and you only need to remember one password – that needed to access LastPass.

Identity Theft

A buzzword in the online age, the thing getting less attention here is the risk of identity theft. eBay stores crucial things like your correct home address, full name, date of birth and possibly a registered credit card or bank account too.

More than enough for a hacker to impersonate you and start attempting things like attempts to access your bank, or take out a new credit card in your name.

Services like Equifax and Credit Expert monitor your credit file and alert you to any changes or new requests and are well worth looking into if you’re concerned. Both have free 30 day trials for new customers, and are around £15 / month after that.

Image via cyberwarzone.com

This post was written by Rob Gordon, an IT geek, gadget lover and blogger. Rob has been using the internets since 1994 when the only streaming video was that coffee pot in Cambridge (rip).... Follow Rob on Twitter - @robgordon - about.me/robgordonuk

You must be logged in to post a comment Login