Hacked Off By Internet Threats
Giant Internet auction site eBay recently found that their customer information servers had been hacked sometime between late February and March this year. They then sat on this information for around a week before realising that they should probably tell their 145 million customers about it and suggest a password reset. There are several things that are very wrong here.
The information that was available to the hackers was the customer name, email address, physical address, phone number, date of birth and an encrypted user password. The official eBay word is that no financial information such as credit card details were ever made available to the hackers. I am left wondering how accurate this is. If they only found that their customer information servers were hacked several months ago, would they even know yet if their financial servers were hacked last week?
It is not just eBay that has these problems. Large Internet sites such as Facebook get hacked almost every other week, Government departments get hacked and some countries have even had their defence departments hacked into. This is a global problem and it is only getting worse each year. As far as the eBay hack is concerned there are several things that can now happen. One of these is identify theft – whereby a 3rd party has enough information about you to open a bank account or even take out a loan in your name.
The possibility of identity theft is now more real for these 145 million eBay users as the hackers have a head start with the personal details that they already have. They would presently be trying to match the info they have with other potential sources of personal information such as Facebook pages and Twitter accounts as well as trying to hack into users’ email accounts to complete the scam. On top of this if they manage to crack the encrypted passwords they have then it is certain that a large percentage of people will use the same password for other sites such as PayPal & their email accounts.
The second thing that will start happening is a spate of emails to these 145 million customers along the lines of – “please note that eBay has had a second security breach. Please click on the link below to verify your login account and change your password, we apologise for any inconvenience”. This will also result in a cash windfall for the hackers. You have to remember that in nearly all cases these hackers reside overseas in countries that are immune to the reach of International computer fraud laws and penalties.
What should these eBay users do? Internet security threats are becoming more prevalent each year. All computer users need to have complex passwords that they change at least every 6 months for the sites they visit and these passwords shouldn’t always be the same. There is far less threat associated with even keeping a ‘username / password’ writing pad next to your PC than keeping the same password for multiple sites for years.
Future Byte Me topics can be emailed to [email protected] and Bruce is contactable at Kerr Solutions, 205 Musgrave Street or on 49 222 400.
For more advice and assistance from Kerr Solutions, like and follow us on Facebook