Hacker breaks into eBay server, locks users out

A hacker broke into eBay member accounts late last week and locked them out.

A malicious hacker broke into an eBay server late last week and temporarily suspended the accounts of a "very small" number of members, the company said.

"We were able to block the fraudster quickly before any permanent damage had been done. At no point did the fraudster get any access to financial information or other sensitive information," eBay spokeswoman Nichola Sharpe said via e-mail.

EBay has "secured and restored" the affected accounts and is calling the affected users, she said, without specifying how many accounts the hacker accessed and tinkered with.

"The fraudster did this by accessing externally visible servers, not by hacking into the eBay site," Sharpe said.

She didn't immediately reply to follow up questions from IDG News Service seeking clarification on what is an "externally visible" server and how it's different from an eBay site server.

EBay faces attacks to compromise its systems "every day," Sharpe said. "After learning of the recent situation, we quickly reacted to it," she said.

"As we continue to lock down on the traditional ways that bad guys have attempted to exploit our system, it is only natural that they will look for new ways to get in. It is an ongoing battle," she said.

The incident, first reported by e-commerce news site AuctionBytes, happened little over a week after someone used an eBay discussion forum to post confidential information about eBay users.

The previous incident led the e-commerce giant to shut down the forum, one that ironically was devoted to the discussion of security issues.

The perpetrator of that confidential data disclosure posted the names and contact information of 1,200 eBay members on the company's Trust & Safety discussion forum, along with credit card numbers that were later determined to be invalid.

EBay eventually concluded that the attacker obtained the information via a phishing scheme, tricking individual members into disclosing the data.

Friday's hack has quite a few eBay members rattled, judging by this long discussion forum thread about the incident.

In that thread, some affected eBay members report receiving e-mails from a hacker identified as Vladuz saying that he had targeted them for posting forum comments that were critical of him.

Vladuz has in the past reportedly stolen login information that has allowed him to post messages to eBay discussion forums as if he were an eBay employee.

In its article, AuctionBytes said Vladuz has been targeting eBay for about 10 months.

Sharpe didn't immediately reply to the question whether eBay knows who was behind last week's attack.

Join the Good Gear Guide newsletter!

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Juan Carlos Perez

IDG News Service

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?