VALID - May 2014 eBay Password Reset Notification EmailOutline
Email from online auction company eBay asks you to change your account password due to a security breach.
The email is legitimate and you should indeed change your eBay password. eBay recently discovered that hackers had accessed their customer database, which holds encrypted passwords and other personal information. According to the company, there is no evidence that customer financial information was compromised. However, the company is asking users to change their passwords to 'help ensure the trust and security of all eBay customers'. While this email is valid and really is from eBay, watch for copycat scams that attempt to capitalize on news of the breach.
Subject: Important - eBay Password Reset Required
IMPORTANT: PASSWORD UPDATE
Dear eBay Member,
To help ensure customers' trust and security on eBay, I am asking all eBay users to change their passwords.
Here's why: Recently, our company discovered a cyberattack on our corporate information network. This attack compromised a database containing eBay user passwords.
What's important for you to know: We have no evidence that your financial information was accessed or compromised. And your password was encrypted.
eBay Password Reset Email is Legitimate:
However, this email is legitimate and really is from eBay. The company is asking its users to change their passwords to 'help ensure the trust and security of all eBay customers.'
Significant eBay Security Breach:
The compromised database holds encrypted passwords as well as other -unencrypted - personal information such as customer names, email and physical addresses, phone numbers, and dates of birth.
eBay states that it has 'no evidence that your financial information was accessed or compromised'. However, this rather vague assurance has done little to alleviate the concerns of users.
The possible implications for eBay's customers remain unclear. The unencrypted personal information accessed in the breach could be used in targeted phishing attacks or in identity theft attempts.
Heed the Advice in the eBay Notification:
Beware of 'Copycat' Scams:
Note that the genuine eBay notification does not ask you to click a link. Instead, it asks that you go to eBay in your usual way and login to change your password.
Last updated: May 27, 2014
First published: May 27, 2014
By Brett M. Christensen
Important - please change your eBay password
Ebay urges users to reset passwords after cyberattack
eBay urges customers to change passwords after massive cyberattack on databases; no PayPal breach
Phishing Scams - Anti-Phishing Information