[ISN] EBay: online hacker stole customers' data

From: InfoSec News (isn@private)
Date: Tue Mar 16 2004 - 23:39:17 PST

  • Next message: InfoSec News: "[ISN] Court orders Interior to disconnect systems from the Internet again"

    http://washingtontimes.com/upi-breaking/20040316-124532-6763r.htm
    
    March 16, 2004 
    
    SAN JOSE, Calif., March 16 (UPI) -- California's eBay says online con
    artists stole customer information that may make a common e-mail scam
    even more dangerous.
    
    Hackers tricked several online merchants who use eBay's PayPal payment
    system into disclosing their user names and passwords, then logged
    onto the merchants' accounts to download lists of customer names,
    e-mail addresses, home addresses and transactions, the San Francisco
    Chronicle reported Tuesday.
    
    EBay did not disclose how many customers had their information stolen,
    but a spokesman said it constitutes a small percentage of the
    service's 40 million registered users.
    
    No credit card information, Social Security numbers or other financial
    details were compromised because that information is encrypted and
    kept on servers not accessible to merchants.
    
    Still, eBay fears the information will be used to trick customers into
    giving up their credit card information in an e-mail scam known as
    "phishing" or "spoofing."
    
    The scam results in e-mail users getting messages purportedly from
    PayPal or other businesses saying they need to verify personal
    information.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Mar 17 2004 - 02:21:52 PST