eBay customers have been left struggling to change their passwords after the auction site announced all 145 million of its customers were affected in the recent hack. By recent, the site really meant to say the hack that took place almost three months ago, but nobody was made aware of it publically. The problems with changing the passwords have meant that tens of thousands of customers are now left vulnerable to their more important details being stolen.
The hack took place sometime between February and March. However, eBay has taken until now to make its customers aware of the issue. According to the site, the hack is not too distressing since credit card and PayPal information has not been stolen since that is held on a separate server. However, the auction site obviously does not understand that some customers will use the same password for multiple sites, and there is also the issue of physical addresses, full names and dates of birth being stolen. All this can quite easily lead to identity fraud attacks.
The site has said that it was only made aware of the breach in early May. That has given the hackers two months to work undetected, which is a scary thought when looking at it that way. However, eBay should have acted sooner than it did to alert customers.
According to some, the information about the hack was not even shared responsibly by the auction site. It was leaked, and the company had no choice but to respond and make it official. Emails were supposed to be sent out to all customers, but they have still not been received 24 hours after the announcement through the media. One British security firm has attack the online auction giant for such poor standards when it comes to security.
Now eBay customers are struggling to change their passwords. So many people are trying to do it at once that the website is continually failing. People will get time-out errors and the emails or text messages to reset passwords may not be sent through. Customers are being asked to be patient, but many are understandable frustrated and taking to Twitter to vent their annoyance.
Those who do manage to get onto the site may not even have any idea on how to change their passwords. It is not the simplest of websites to navigate around. Users need to hover over their name, and click update account. From there they can click to update their personal information, and the password option is there.
Customers who have managed to change their accounts point out another flaw. There is still other sensitive information that is in the hands of the hackers. Addresses and dates of birth cannot be changed. This information can all be used by the hackers for identity fraud, and there is nothing a user can do to prevent it. It is also unclear just how much information hackers are using, and how they are using it. It can take a few months to find out whether credit searches have taken place or accounts have been created.
It is about time the auction website thought about its customers. The lack of communication has been extremely poor, and now eBay customers are struggling to change their passwords to prevent their accounts being used maliciously.
Opinion by Alexandria Ingham