eBay Tells Users to Change Their Passwords After Cyberattack

Ben Margot/AP File Photo

Compromised employee log-in credentials were first detected about two weeks ago.

Early this morning, a message asking all users to change their eBay passwords appeared on the community homepage and press page of PayPal, an eBay-owned company. The message was ominous, but mostly blank:

Shortly after, the message disappeared. Not before several media outlets noticed, however, and started wondering what was going on. Reuters even pushed out a brief story about the announcement to its wire service.

The Wire contacted eBay's press office for an update, but has not yet received a response. In the meantime, users should change their passwords, even if the message was published by eBay in error. Better safe than sorry!

Update, 9:25 AM: eBay has just updated their website with a formal announcement telling people that they should indeed change their passwords, citing a security breach between late February and early March. The 'change password' message appeared because "Compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company’s announcement today."

Luckily, there has not been an indication of fraudulent activity, unauthorized access to accounts, or personal/financial information compromises. Regardless, you should still change your password.