you're reading...
Computer Technology

eBay’s Huge Security Breach


eBay announced this past Wednesday it was hit by a huge cyber attack sometime during the February and March time period of this year.

The attack exposed the personal data of up to 233 million registered accounts. Attackers gained unauthorized access to eBay’s main database which contains usernames, passwords, email, and physical addresses.  eBay’s response to the crisis has been criticized as being more embarrassing than the attack itself. It took eBay three months, until this May, to notice the data breach, after which it waited two weeks to make an announcement.  eBay is now being investigated by three states — Connecticut, Florida, and Illinois — in a joint probe into its security practices.

On top of the massive cyber attack, researchers have found that eBay’s site is vulnerable to a serious flaw that could allow an attacker access to user accounts. The flaw is called a cross-site scripting (XSS) vulnerability. It was discovered by a 19-year-old college student in the United Kingdom. In a nutshell, an XSS flaw can allow an attacker to inject malicious code into an otherwise seemingly safe site, intercept cookies in a user’s session and — this part is especially scary to think about — gain access to the user’s account and interact with the site as that user.

Along with eBay, CNN and PayPal are two other major sites that have experienced XSS vulnerabilities.

Hopefully, among the lessons learned from eBay’s data breach and XSS vulnerability, is that eBay needs to take measures to tighten up security holes in their site. And, other businesses need to take into account why eBay’s site was exposed and look into how exposed their own sites might be, and what proactive security steps can be taken.

For their part, eBay is urging all its users to change their account password.  Additionally, when faced with having to make a password change, it is highly recommended to use a combination of letters, numbers, and symbols.  Home computer users should also make sure they keep their computer operating systems, along with all installed software, up-to-date with the most current patches.

About Gary Reiner

thinking, reading, and writing about whatever's going on in the world...


No comments yet.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Major League Baseball

Atlanta Braves are the 2021 World Champions!

St. Louis Cardinals

Cards look forward to 2022 season.


Comfortably Numm theme song: Comfortably Numb, by Pink Floyd…

Oh Wow!

Are We Having Fun Yet?




Brought to You By

My Other Website:

%d bloggers like this: