Q. I have heard that eBay has issued a security warning. Do I need to worry?

A. Online auction house eBay has asked its entire user base to change their passwords due to a cyber-attack that has compromised a database containing encrypted passwords and other data – none of which is financial.
The-eBay-HackThe company said in a statement that there is no evidence that any accounts have been compromised a result of the attack and is keen to reassure users that there has been no evidence of unauthorised access to financial or credit card information, which is apparently stored separately in encrypted formats.
“Changing passwords is a best practice and will help enhance security for eBay users,” the statement reads. “Information security and customer data protection are of paramount importance to eBay Inc., and eBay regrets any inconvenience or concern that this password reset may cause our customers. We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.”
The attack saw employees’ account log-in credentials targeted and this allowed access to eBay’s corporate network. eBay is apparently “aggressively investigating” the matter with the help of law enforcement and security experts.
The Information Commissioner, Christopher Graham, has said he is also “actively looking at this situation, with a view to launching a formal investigation”.
“Our response is made complicated by the nature of a big multinational internet company like eBay. They’re an American company, so the Federal Trade Commission will look into this. They’ve got a European headquarters in Luxembourg, and so the Luxembourg data protection authority will lead on an investigation in Europe. And there’s millions of UK citizens affected, so clearly we will be involved where we can.
“What we can be sure about is that if there has been a breach of the UK data protection act, we’ll act firmly.
“Responsible companies have got to act to keep their customer information safe, and if they don’t, they’ll find they’re not just in trouble with the Information Commissioner, but they’re in trouble with customers too.”