Do that when I get home.

Changed. Thanks

Thanks for the heads up! Haven't changed pass on eBay more than a year...

Thanks for the heads up! Haven't changed pass on eBay more than a year...

I have to admit, I have the same password from 2005 when I started my ebay account.

Changed, thanks 🙂

....

Done, cheers.

Do that when I get home.

Hack eBay? lol :banana:

Changed mine, cheers.

Hack eBay? lol :banana:

All your monies are belong to us! :P

I have to admit, I have the same password from 2005 when I started my ebay account.

Same here lol

Probably hacked and then stolen by the NSA.

So if they have our names, addresses, phone numbers and emails, and they use that for ID theft and cause us a sh1t load of problems, who is held responsible? eBay ? And where is eBays 2 step authentication already? 2014 not 1994

Done. All necessary sensitive info changed. Thanks Hilb.

So if they have our names, addresses, phone numbers and emails, and they use that for ID theft and cause us a sh1t load of problems, who is held responsible? eBay ? And where is eBays 2 step authentication already? 2014 not 1994

That will not do any good after all did not read they had employee account access. And I was you all I also change your Paypal as well after all eBay dose own Paypal better be safe then sorry late on :stewpid::bang:.

changed...... for me..."that news"..... is just like a doomsday.... Thank gurus.... just like every day was looking at new posts.... and saw the latter...

I changed all my passwords through lastpass after the heartbleed incident. And I change the passwords that contain sensitive information like a credit card number on a monthly basis. It's pretty easy and manageable with something like lastpass there are other password managers but I'm not sure how good they are. I don't even know my ebay password. I do if I decrypt my local storage vault. Though I'm not really happy that pretty much all my other personal information was obtained. I don't know why they don't encrypt these things. Would you post your full name, address, DOB, phone number on a public forum? No that would be stupid. The consequences would be unpredictable. I highly doubt they care as much about your password. Even if they only collected that information on 10s of millions of users. You can debate all you want. That data is worth a lot. Probably will go to the highest bidder. How do you think you get all that spam in your inbox? Unless you just publicly provide it. More likely than not some service you signed up for sold that data to advertisers. Read those terms of use that you never read and their privacy policy. You will be disturbed at what you legally agreed to in a single click of a button. Go make a dummy email address. Don't ever use it for anything or tell anyone about it. Watch as weeks go by, months, even a year and see just how empty it is. How there's not even a single email sent to you. It used to be where bots would just start sending an email to every possible combination. For example a(at)email.com b(at)email.com. Obviously that is a huge waste of resources and time. Not to mention any decent email provider will prevent a bot doing that. Now you can easily just hack into a database and download all the information because most of it is in plain text. These companies should be held accountable for not protecting the users data. Some simple encryption is all that is required. Ebay of all eCommerce I would have thought implemented even basic encryption on data. What's even scarier is that the same company runs Paypal. Makes me just want to close my paypal account. But that would pretty much cut me off from buying a lot. Not to mention I don't like entering my credit card information every time I want to purchase something. It just feels wrong. Not to mention the obsession with security questions. Like "What city were you born in?" so my long gibberish cryptic password is undermined by a stupid security question. It basically allows a hacker to have complete control of your account that is so stupidly insecure. So when I'm required to enter a security question like that. I have to lie and say my city is "Sag1^PNh5Xv7" and usually I'm required to have 2 other security questions. So I have to make 4 cryptic passwords just for one site. Because the "security" questions undermine the actual security of my account.

Cheers for the heads up. Done.

I changed all my passwords through lastpass after the heartbleed incident. And I change the passwords that contain sensitive information like a credit card number on a monthly basis. It's pretty easy and manageable with something like lastpass there are other password managers but I'm not sure how good they are. I don't even know my ebay password. I do if I decrypt my local storage vault. Though I'm not really happy that pretty much all my other personal information was obtained. I don't know why they don't encrypt these things. Would you post your full name, address, DOB, phone number on a public forum? No that would be stupid. The consequences would be unpredictable. I highly doubt they care as much about your password. Even if they only collected that information on 10s of millions of users. You can debate all you want. That data is worth a lot. Probably will go to the highest bidder. How do you think you get all that spam in your inbox? Unless you just publicly provide it. More likely than not some service you signed up for sold that data to advertisers. Read those terms of use that you never read and their privacy policy. You will be disturbed at what you legally agreed to in a single click of a button. Go make a dummy email address. Don't ever use it for anything or tell anyone about it. Watch as weeks go by, months, even a year and see just how empty it is. How there's not even a single email sent to you. It used to be where bots would just start sending an email to every possible combination. For example a(at)email.com b(at)email.com. Obviously that is a huge waste of resources and time. Not to mention any decent email provider will prevent a bot doing that. Now you can easily just hack into a database and download all the information because most of it is in plain text. These companies should be held accountable for not protecting the users data. Some simple encryption is all that is required. Ebay of all eCommerce I would have thought implemented even basic encryption on data. What's even scarier is that the same company runs Paypal. Makes me just want to close my paypal account. But that would pretty much cut me off from buying a lot. Not to mention I don't like entering my credit card information every time I want to purchase something. It just feels wrong. Not to mention the obsession with security questions. Like "What city were you born in?" so my long gibberish cryptic password is undermined by a stupid security question. It basically allows a hacker to have complete control of your account that is so stupidly insecure. So when I'm required to enter a security question like that. I have to lie and say my city is "Sag1^PNh5Xv7" and usually I'm required to have 2 other security questions. So I have to make 4 cryptic passwords just for one site. Because the "security" questions undermine the actual security of my account.

That isn't a city I've ever heard of, but a cool way to say secure, I like what you did there. It's been mentioned, but you would have thought Ebay would have introduced better security by now other than a simple password. Given that it's an auction site which can be people livelihoods.

Changed, but this "news" comes incredibly late. As much as I hate, loathe, and detest over regulation & legislation - there needs to be something in place mandating when a hack occurs compromising personal information that anyone and everyone impacted is IMMEDIATELY notified and the fines for non-compliance MUST be harsh starting in at minimum 1 million to get the point across to multi-billion dollar empires. I laugh any time I see a fine of $250k on a billion dollar empire.