123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

How Bad Is The Ebay Breach? Here Are The Stats

Profile Picture
By Author: Skyhighnetworks
Total Articles: 54
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

eBay announced today that hackers had infiltrated their systems and stolen the passwords of 145 million users. In addition to account passwords, hackers obtained names, email addresses, birthdates, physical addresses and phone numbers.

Was financial information compromised?

According to eBay, the breach did not include credit card numbers or financial information from PayPal, which is owned by eBay. (For the latest from eBay, visit their blog.)

That being said, eBay users are now particularly subject to phishing attacks. Reason being is that criminals will have access to personal information that could help them trick an unsuspecting eBay user into sharing additional information or clicking on a malicious link.

How the breach was discovered

Mark Carges, eBay’s Chief Technology Officer, said the company discovered the breach after noticing several unusual behaviors on the company network. Essentially, eBay detected anomalies (activities statistically separated from normal behavior) in their network usage. It’s worth noting that Skyhigh uses a similar strategy to identify ...
... security breaches at customers, but instead of looking for anomalies in the network usage within an enterprise, we look for anomalies in all data leaving your enterprise.

Upon investigating, Carges and the FBI discovered that hackers had learned employee passwords and used their credentials to access internal systems, starting in as far back as February.

The question enterprises are now asking is, “How bad is it?”

How bad is it?
In terms of breadth – this breach has widespread reach. Our data shows that 99% of companies have employees who are using eBay, and doing so from work. Even more, the average Fortune 2000 company has just approximately 15,800 employees using eBay.

In terms of impact to corporate Security, this breach does not have the impact of the Heartbleed vulnerability or even XP’s end of support. Reason being is that most eBay users visit the service exclusively for personal reasons and do not store sensitive corporate data within the service.

That being said, employees often use the same password across Cloud Security services. According to a recent study by Joseph Bonneau, from the University of Cambridge, 31% of passwords are re-used. This is critical because it means that hackers can use eBay credentials to guess the login/password information of other corporate cloud services. Applying the 31/100 ratio from the study across the average 15,800 eBay users per company shows that approximately 4,900 employees per company have passwords to other cloud services that could be guessed using compromised eBay credentials.

Attackers could also conduct phishing attacks that could compromise their devices and put corporate data at serious risk. For this reason we advise eBay customers to change all of their credentials for all cloud services if they match those used in eBay.

In addition, Skyhigh continuously analyzes cloud service usage and will alert customers of any unusual behavior that may indicate a breached account.

Author :
Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com/ or follow us on Twitter@skyhighnetworks.

Total Views: 458Word Count: 572See All articles From Author

Add Comment

Computers Articles

1. Extract Trader Joes Grocery Store Location Data For Insights
Author: FoodDataScraper

2. Publix Grocery Data Scraping Services For Real-time Tracking
Author: Actowiz Solutions

3. Scraping Food Delivery Data From Menulog For Business Intelligence
Author: Food Data Scrape

4. Why Transportation Companies Need Embedded Bi Tools – Helical Insight
Author: Vhelical

5. Time Attendance System Singapore | 1 Sgd Mobile Attendance Easy Setup
Author: guard

6. Employee Gps Mobile Time Attendance | 1 Sgd Per Month Payroll Integration
Author: guard

7. Gps Nfc/qr Guard Tour Patrol – Free Payroll – 30sgd Monthly Subscription
Author: guard

8. Elearning Security Officers & Free Payroll – 30sgd Monthly Subscription
Author: guard

9. Guard Tour System & Security Patrol – 30sgd Per Month Plan
Author: guard

10. Top Benefits You Gain When You Hire Oracle Sql Developer For Efficient Data Management
Author: Stellanova GlobalTech

11. Discover How Microsoft Purview Compliance Manager Simplifies Cmmc Compliance For Gcc High Environment
Author: ECF Data

12. Scraping Food Ingredient Info From Sydney, Australia, For Insights
Author: Food Data Scrape

13. Best Website Design Perlis | Rm499 Unlimited Pages – Creative Solutions
Author: mobiwork

14. Rm499 Unlimited Pages Custom Web Application Development | Quality Guaranteed
Author: mobiwork

15. Flexible Work Arrangement & Free Payroll – 1sgd Monthly Pricing
Author: mobiwork

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: