E-commerce company eBay was hacked and identity information about its clients was accessed by hackers, according to a statement by the company. EBay said that the cyber attack occurred between late February and early March and has possibly affected a “large number” of accounts.
EBay is urging all of its users to change their passwords, including the 145 million customers who had engaged in transactions on the site in the last 12 months.
The hackers, however, were unable to access financial or credit card information, since those are encrypted and stored separately from the other information.
“For the time being, we cannot comment on the specific number of accounts impacted,” eBay spokeswoman Kari Ramirez said. “However, we believe there may be a large number of accounts involved.”
EBay is, with the aid of law enforcement, currently investigating the breach which was first detected two weeks ago.
“I don’t think there was a lapse,” JMP Securities analyst Ronald Josey said. “I think eBay’s encryption is amongst the best considering that consumer financial data was not impacted.”
This was not the first time eBay has faced cyber attacks. The Syrian Electronic Army hacking group breached and defaced several websites in February including eBay.
“The real key question going forward will be if any money has been stolen, or any unauthorised activity been performed,” Wedbush Securities analyst Gil Luria said. “As long as this is not the case, this thing will come and go and will not be an issue for eBay.”