EBAY: Major Security Breach- Your Ebay account is NOT safe!

Discussion in 'Stocks' started by Rearden Metal, Mar 9, 2007.

  1. This hasn't really hit the mainstream media yet, but there has been a serious security breach at ebay:

    "I know eBay pretty well," Baldwin said. "They can use all the excuses and lies they want, but they have yet to explain how what is happening on this site could be happening if what I'm saying is not true: <b>that somebody has access to the back end.</b>"


    "Rogue Romanian Hacker May Be Running Amok on EBay"

    I'd never fall for a phishing scam, yet somehow hackers obtained my ebay password, and used <b>my</b> ebay user ID to send out scam emails. Your ebay account isn't safe either. I'm not short (or long) ebay stock or options, but I wonder if this security breach, along with ebay's lousy handling of the matter, will drop the stock a bit once this problem becomes widely known by the public.

    More: http://www.eweek.com/article2/0,1895,2100808,00.asp

    <b>What's bugging ebay?</b>

    By Lisa Vaas
    March 6, 2007

    Updated: The auction behemoth is being skewered by Vladuz, the Romanian impaler, and the e-villagers are whispering that he's sucking customer and service rep account lifeblood directly from eBay's internal databases. Is he that spookily talented, or is he just another, albeit talented and lucky, phisher who also stumbled on an e-mail with internal accounts?

    The eBay villagers are whispering that he can creep through eBay's internal databases and suck the lifeblood of customer accounts—log-ins and passwords—right out of their pulsing, 222 million-plus customer heart. He's putting up bogus listings as fast as eBay can take them down, and that proves he's walked through a security hole as big as a barn door.
  2. This has the potential to become a major scandal.
    To put it in simple and concise terms:

    A hacker has gained access to ebay's internal database, and is able to pick off your username and password from ebay's servers.
    Ebay is claiming that the hacker got the stolen passwords by phishing each individual victim. This is an outright lie! They got <b>my</b> ebay password, but I was NEVER phished by anyone.
  3. just21


    I had to change my ebay password after somebody bid in my name. I was not phished. They did catch it pretty quickly and notify me.
  4. Damn...yeah Ebay has major fraud problems. I have heard of people getting their bank of america accounts wiped out via ebay/paypal.
    I have bought things on ebay & I have a sellers account so I am a little worried. I think I closed my paypal account as they were annoying me. Did you close your accounts ???
    If they get your id & password & they bid on stuff or do a "buy it now", can they get your credit card and/or bank account numbers ???
    I was phished CONSTANTLY when I was trying to sell my car.

  5. Can you elaborate a little please ???

    So someone bid & won with your ID ??? How did they try to pay ??? Ebay emailed you about it when they found out ??? Do you have a sellers account ??
    Thank you.
  6. At this point it appears that ebay username & password info has been stolen, but perhaps not the credit card info, which ebay claims is stored separately. They wouldn't be able to 'buy it now' without knowing your paypal password (I know paypal is owned by ebay, but I haven't seen any evidence that the breach has spread to paypal.) At this point, I've changed my passwords without closing the accounts.

    The 25 scam emails were phishing attempts, all sent in my name to people selling <b>cars</b> on ebay. Those emails contained the words:
    My name is Jackalyn Milne.

    I just saw this item of yours and I remember seeing the same item two days ago, take a look:

    (*Phishing link here*)

    I bet that message is similar to the ones you received, isn't it?
  7. ssblack



    Thanks for the heads up. I closed mine and my wife's accounts with EBAY and Paypal just now. We never use them anyway, and it's not worth having them open.

    I'd suggest to everyone to get Experian's Credit Watch service - i think it's 5 bucks a month - and so worth it to see when things are going on with your credit report.

    For the record, I was also a victim of my user/pw being stolen without being phished. I regularly reported phishing emails to EBAY when I had an account with them. They tried to sell 5 cars with my account info, and EBAY caught it very quickly, but it still unnerved me enough to close the accounts altogether.

  8. The ones I got said something like...

    Dear Ebay Member, click this link to update your account information or your account will expire, etc etc...

    They looked VERY authentic.... had the ebay logo & what looked like an ebay web address, but they were sent to my spam folder, so I was suspicious immediately. I forwarded all of them to the ebay fraud email address & they emailed me back saying it was not sent from ebay.

    A few days ago I emailed a seller to ask a question about a sale item & I never got a response. Seems like the seller never received the email so I wonder if it has something to do with the hacker.
  9. I have not used Ebay in years, but I know my account was recently hacked cause someone used it to buy something and not pay or smth. So they keep sending me emails about the seller complaining and how I need to log in and go through the resolution process
    Yet I cannot even log into my account cause the EBAY retards blocked it or something.

    That company's best days have long passed them by.
  10. This hacker is repeatedly logging on to ebay's employee servers at will, and ebay lies about it:


    <b>Mysterious 'Vladuz' again hacks eBay employee servers</b>

    A hacker has once again managed to pilfer eBay credentials that allow him to masquerade as an official company representative even as he taunts eBay officials on the company's message boards. It's at least the second time the person going by the name Vladuz has pulled off the prank, which is causing many users to question the adequacy of eBay security.

    The hacker, said to be living in Romania, claims to have acquired the ability to penetrate the company's perimeter at will. Combined with a rash of hacked accounts, the assertion has created a small but vocal group of users who believe <b>eBay is covering up a massive back door in its defenses.</b>
    #10     Mar 9, 2007