In a posting on the company's website, eBay is urging users to change their password after a cyberattack compromised a database that contains encrypted passwords.
The company says there is no evidence of unauthorized activity or evidence that financial or credit card information has been stolen from the online bidding site. “However,” the company said, “changing passwords is a best practice and will help enhance security for eBay users.”
The California e-commerce company is working with law enforcement to investigate the attack. While eBay says the number of customers affected could be large, it also noted that because the investigation is active, the company can't comment on the specific number of accounts.
Cyberattackers hijacked a small number of employee log-in credentials that gave them access to eBay's corporate network. The hackers would have gained access to customer information like names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth. Shoppers who use the same password on other sites are advised to change those too.
The database was hacked sometime between late February and early March. EBay owns electronic payment service PayPal, but eBay says there is no evidence PayPal information was hacked.
A Forbes magazine business profile of the e-commerce giant that was posted Tuesday said what it called "the world’s electronic flea market" has grown to 124 million active since its launch 20 years ago. In their last reported quarter, eBay posted revenues of $4.4 billion.
Hackers have stolen customer information for a number of retailers, most notably, Target. Other large national chains that have had customer credit card information hijacked include Neiman Marcus and Michaels.