Online marketplace eBay announced this week that it had been the victim of a cyberattack. The Californian-based company, which has 128 million active users, revealed on Wednesday that a database had been hacked between late February and early March this year.
The company said that the attackers accessed a database containing encrypted passwords and other data after obtaining a small number of employee log-in credentials.
Now Mashable reports that eBay users could still be at risk even if they have changed their passwords, as they were asked to do by eBay.
It says: “But the intruders had access to personal information beyond passwords, including names, mailing addresses and dates of birth — data that can’t so easily be changed.”
Mashable says that it seems more likely than not that at least some of the stolen information will make its way to various underground markets that deal in exchanging personal data, and asks: “If billion-dollar companies want us to give up our personal information, shouldn’t we make sure they are going to protect it?”
Meanwhile, Forbes says that, after the Heartbleed attack of April,this latest breach will inevitably kick off a flood of stories about how much the password system, as it currently exists, sucks.