UK Bitcoin auction

Ebay denies 'stolen database' on sale for 1.45 bitcoin is authentic

Ebay says that a database being offered for sale online by a hacker who claims it contains details of the auction site's users – which were compromised in a cyberattack that was revealed on Wednesday – is not authentic.

Someone claiming to have a copy of eBay's stolen database is offering to sell it for 1.45 bitcoin (about £447) via the anonymous text file site Pastebin.

But eBay denied that an extract linked from the site belonged to its users. The hacker provided a 3, 000-row extract from a database with Asian-Pacific user names,addresses,phone numbers and dates of birth as proof that they are in possession of the full 145 million user database.

"The published lists we have checked so far are not authentic eBay accounts, " said an eBay spokesperson talking to the Guardian.

Security experts have begun trying to narrow down the source of the extract. UK cyber security company Digital Shadows said that cross-referencing the leaked data with publicly available information on Facebook appears to confirm that the names are real,even if they did not come from eBay.

"It is always tough to tell whether the data is genuine in situations like this, " explained Rik Ferguson,global vice president of security research at security software firm Trend Micro.

"The email addresses I have tested so far do not appear to be sourced from previous breaches, " said Ferguson who later confirmed that the database was likely fake.

'One or two' company identities were the key

Ebay took two months to discover it had been hacked because no "unusual activity" was detected until May,the company has revealed.

“One or two” eBay employee company identities were stolen between the end of February and the beginning of March,but it wasn’t until repeated attempts were made to access a database – which those identities were not authorised to access – that the intrusion attempt was discovered,a company spokesperson explained to the Guardian.

The stolen identities could not be used to access other companies owned by the auction site,including PayPal or GumTree,the spokesman said.

145 million potentially exposed

Ebay would not comment on whether the database exposed in the hack contained the private data of all 145 million active users globally,which helped the company process $212bn in commerce in 2013.

Security experts have criticised the company for not encrypting all private customer information it held,which includes customer names,email addresses,physical addresses,phone numbers and dates of birth.

Security levels

ebay logo
Source: www.theguardian.com June 3, 2014 – 12:48

Related Posts

Bitcoin options

Bitcoin Aktien

Bitcoin 24/7

Bitcoin API net

Bitcoin AOL