SYS-CON MEDIA Authors: Kevin Benedict, Gilad Parann-Nissany, Michael Bushong, Eric Brown

Blog Feed Post

eBay Email Provides Explanation and Apology


In early May, eBay discovered that its network had recently been compromised, and on May 21st a banner appeared on acknowledging the breach and recommending that users change their passwords. Later that day, however, the banner disappeared, and throughout the week many users responded with frustration and disappointment at what many perceived to be a lack of transparency.

The most recent development came on Memorial Day, when Devin Wenig – president of eBay marketplaces – sent an email to customers apologizing for the breach and providing more details to users. According to the email, “this attack occurred between late February and early March and resulted in unauthorized access to a database of eBay users that includes customers’ names, encrypted password, email address, physical address, phone number and date of birth” – but not financial information. The email goes on to say that eBay has no evidence that the hackers accessed customers’ banking information or credit card numbers, and there is no evidence of increased fraudulent activity on the website.

While the email from Mr. Wenig suggests that the situation is under control, many headlines indicate that eBay users and techies are not so sure. Some feel that the compromised personal information makes individuals very vulnerable to identity theft and phishing attacks because lawbreakers will have so many details about individual eBay users, while others consider the eBay attack less-than-catastrophic because the stolen information does not include social security numbers and credit card numbers.

Although eBay’s initial response to the breach appeared slow and halfhearted, this email suggests that the company is finally taking the threat seriously, albeit with a very positive interpretation of events. Nonetheless, further developments can be expected – as the Federal Trade Commission and investigators are likely unconcerned with how much eBay says it has the situation under control.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.