Ebay Hacked, User Info Posted 242
An anonymous reader writes "This morning a hacker posted the personal contact information and credit card data of 1,200 ebay users on the eBay.com Trust & Saftey forums. eBay pulled the Trust & Safety forums off line, but not before one user made a video of the hacked forums and posted it on youtube.com. eBay response is on the eBay chatter page, and seems to try and down play this "fraudster"'s activity."
hacked? (Score:3, Interesting)
i only ask because i had a better-than-usual phishing attempt this morning telling me my ebay account had been 'restricted' and it wouldn't be too hard to harvest 1200 passwords from the above without hacking ebay itself.
email text:
"A33 TKO NOTICE: Restricted Account Access
We have taken steps to secure your eBay account, including review of your
personal information and placing a temporary restriction on your account. Any
activity has been cancelled and any associated fees have been credited to your
account. We assure you that your credit card and bank details are stored on a
secure server and cannot be viewed by anyone.
Your account is currently blocked from listing and bidding on items, and from
sending email through Ask Seller a Question or Contact eBay member. To restore
full access to your account, please follow the instructions in this email."
login to your account link was:
http://us.ebayobjects.com/2c;13012399;10693575;h?http://61.9.146.244/signin.ebay.co.uk/ws/?eBayISAPI.dll?co_partnerid=2&siteid=0&UsingSSL=1 [ebayobjects.com]
ie it had a susipicious 2nd address in url, one which resolves to australia
Bet 20$ none of those users had the Secure dongle (Score:2, Interesting)
in fact my number right now is 342498 GO and hack my account now.... oh wait. it just changed... 096443 is the new number, you got 25 seconds.
Comment removed (Score:3, Interesting)
WHAT HAPPENED: Fradulent Items on eBay (Score:5, Interesting)
NOT A FRAUD!! (Score:2, Interesting)
I WOULD SAY THAT THIS IS NOT A COINCIDENCE, AND THAT THERE WAS AN ACTUAL MALICIOUS HACKER ATTACK.
If you watch some of the videos related to the one linked above you will see that the person that posted the info to the eBay forums was just trying to get some visibility of the problem that he discovered.
Re:Fraudster? (Score:5, Interesting)
Sometimes, when someone doesn't listen to your kind advice, you have to make them listen.
Re:I wonder ... (Score:3, Interesting)
Me Too. (Score:2, Interesting)
When I logged onto PayPal, they had all the red flags up, and required me to prove my identity and change my password, yaddah yaddah yaddah. Several days later, it came thru AGAIN, and I found a number for PayPal and gave them a call. Turns out that if my bank denies the transaction, they'll try again, just like with a check or any other purchase.
I thought my password (8 digits) was pretty good, as it was not a word and included numbers, but apparently, it wasn't. Now it's 20 digits long. My bank also made the suggestion that I get a new checking account, as those numbers may be out there as well. I think it's a good point, and I'll have to do that pretty quick.
It's not from phishing, as I can easily see which e-mails are truly from PayPal and which ones aren't. The phishing mails are full of typos, spelling errors, and repeat sentences with different information. They've gotta be done by someone who isn't fluent in the English language. It's actually pretty funny reading material. What's not so funny is that those horribly-done phishing e-mails actually fool some people. Sad state of affairs we have in the education of the country, if you ask me.
-Dave