Leave a comment

Hacked in 60 seconds: Why you should change your eBay password right now

Hacked in 60 seconds: Why you should change your eBay password right now

EBay isn't having a good security year. Back in February and March, it lost more than 120 million user names and passwords to hackers. At the time the news broke in May, I told you to change your eBay password.

Right after that, security researchers found a flaw in eBay that could give hackers your password if you visited a malicious site while still logged in to your eBay account. EBay fixed the problem, but it was a good idea to change your password again.

Then last week, I told you about an eBay phishing scam that could trick you into giving up your username and password. In that case, you didn't have to change your password - unless you think you fell for the trick.

Still, it seems like if you use eBay, you should get used to changing your password. There's been another problem with eBay and you - surprise! - need to change your password.

Four months ago, security researchers told eBay about a way hackers could force the "forgot password" system to reset account passwords to ones hackers already knew. The only thing a hacker needed was a valid username. At the time, demonstrated an eBay account hack that took all of about one minute.

Given that hackers had usernames for 120+ million eBay users thanks to the previous hack, this was a serious problem. If that wasn't scary enough, eBay took four months to roll out a fix.

That means for the last four months, your account has been vulnerable to hackers - and the repeated password changes from other hacks only made it worse.

Well, eBay has finally fixed the problem, so it's a good idea to reset your password again just to be safe.

Given how often you're being asked to change your password, it might be a good time to look at password manager software that can create strong new passwords for you. KeePass is a good place to start. Otherwise, make sure you follow my system for creating a strong, easy-to-remember password.

Next Story
View Comments ()
Deal of the Day: $50 off Kindle Fire HDX
Previous Happening Now

Deal of the Day: $50 off Kindle Fire HDX

Is this Home Depot email real?
Next Happening Now

Is this Home Depot email real?