you're reading...
Computer Technology

eBay’s Huge Security Breach

eBay

eBay announced this past Wednesday it was hit by a huge cyber attack sometime during the February and March time period of this year.

The attack exposed the personal data of up to 233 million registered accounts. Attackers gained unauthorized access to eBay’s main database which contains usernames, passwords, email, and physical addresses.  eBay’s response to the crisis has been criticized as being more embarrassing than the attack itself. It took eBay three months, until this May, to notice the data breach, after which it waited two weeks to make an announcement.  eBay is now being investigated by three states — Connecticut, Florida, and Illinois — in a joint probe into its security practices.

On top of the massive cyber attack, researchers have found that eBay’s site is vulnerable to a serious flaw that could allow an attacker access to user accounts. The flaw is called a cross-site scripting (XSS) vulnerability. It was discovered by a 19-year-old college student in the United Kingdom. In a nutshell, an XSS flaw can allow an attacker to inject malicious code into an otherwise seemingly safe site, intercept cookies in a user’s session and — this part is especially scary to think about — gain access to the user’s account and interact with the site as that user.

Along with eBay, CNN and PayPal are two other major sites that have experienced XSS vulnerabilities.

Hopefully, among the lessons learned from eBay’s data breach and XSS vulnerability, is that eBay needs to take measures to tighten up security holes in their site. And, other businesses need to take into account why eBay’s site was exposed and look into how exposed their own sites might be, and what proactive security steps can be taken.

For their part, eBay is urging all its users to change their account password.  Additionally, when faced with having to make a password change, it is highly recommended to use a combination of letters, numbers, and symbols.  Home computer users should also make sure they keep their computer operating systems, along with all installed software, up-to-date with the most current patches.

About Gary Reiner

thinking, reading, and writing about whatever's going on in the world...

Discussion

No comments yet.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

Major League Baseball

2018 MLB Regular Season is underway. Plenty of possibilities this year!

St. Louis Cardinals

Cards have added Ozuna’s bat and some key pitchers this year. Go Cards!

 

Comfortably Numm theme song: Comfortably Numb, by Pink Floyd…

Oh Wow!

Are We Having Fun Yet?

 

Archives

Categories

Brought to You By

My Other Website:

%d bloggers like this: