Add another notch to the tally of companies on the receiving end of a massive data breach. Earlier this morning, eBay revealed that internal and customer databases containing the names, addresses, email addresses, phone numbers, birth dates, and encrypted passwords for millions of users were compromised recently. The company says there’s no evidence of financial information being accessed and is advising all users to change their passwords.
The breach took place between late February and early March but was detected only a couple weeks ago. According to eBay’s statement, attackers compromised “a small number” of employee logins first and used that to access the server holding the aforementioned information.
News of the hack first leaked through a post on the company’s own PayPal blog containing nothing but a title. It was promptly taken down but not before screen grabs hit the web though dozens of tweets. eBay has since sought to clarify that PayPal data is stored separately, fully encrypted, and remains safe.
The latest data breach is definitely among the biggest in recent times, and the largest since last year’s attack on Target, where hackers stole data from upwards of 70 million customers. eBay hasn’t confirmed the number of affected accounts but the website counts nearly 130 million active users.