E-commerce company eBay Inc said a database was compromised in a hacking attack between late February and early March, and clients' non-financial information was stolen.http://www.metro.us/wp-admin/profile.php
EBay said the compromised database contained customer names, encrypted passwords, email addresses, birth dates, physical addresses and phone numbers. In an statement, it urged users to change their passwords.
The company said the attack has allowed unauthorized access to the company's corporate network but it found no evidence of any unauthorized access to financial or credit card information.
"For the time being, we cannot comment on the specific number of accounts impacted," eBay spokeswoman Kari Ramirez said. "However, we believe there may be a large number of accounts involved and we are asking all eBay users to change their passwords."
EBay said it was investigating the breach and working with law enforcement agencies.
The company also said it had not seen any indication of increased fraudulent account activity on eBay and that there was no evidence that its online payment service PayPal had been affected in the attack.
The attack on eBay was made through compromised employee accounts that allowed unauthorized access to its corporate network, the company said in a statement. It said the breach was first detected about two weeks ago.
"The real key question going forward will be if any money has been stolen, or any unauthorized activity been performed," Wedbush Securities analyst Gil Luria said.
"As long as this is not the case, this thing will come and go and will not be an issue for eBay," Luria said.
EBay earlier issued a notice on its PayPal website asking users to change their passwords, but took down the message a short time later without explanation.
The message, issued at 1:30 a.m. ET, was headlined "eBay Inc. To Ask All eBay Users To Change Passwords" but had no other information other than the words "place holder text".
EBay has been attacked before. In February, hacking group Syrian Electronic Army breached and defaced websites belonging to PayPal UK and eBay.
One of the biggest breaches at a U.S. company was at retailer Target Corp, where hackers stole data from up to 70 million credit and debit cards of shoppers who visited its stores during the first three weeks of the holiday shopping season.
Last month, U.S. web media company AOL Inc urged its tens of millions of email account holders to change their passwords and security questions after a cyber attack compromised about 2 percent of its accounts.