eBay customer information exposed, but how?
Date Reported:
9/25/07
Organization:
eBay
Contractor/Consultant:
None
Victims:
eBay customers
Number Affected:
1,200
Types of Data:
Name, address, and credit card information.
Breach Description:
Early in the morning of September 25th, posts began to appear on the eBay Trust & Safety forum containing confidential and personal information about eBay customers. The unknown poster sent one post after another, and each one appeared to have come from a different victim.
Reference URL:
eBay "The Chatter Blog"
eBay announcement on the Trust & Safety Forum
Report Credit:
eBay
Response:
From the online resources referenced above:
"Some of our readers may have learned of an issue that occurred early this morning on one of our discussion forums."
"Very early this morning, a malicious fraudster posted on the Trust & Safety forum on eBay.com posing as approximately 1,200 eBay users. The fraudster made these posts in a way that was intended to appear as though he logged in with their accounts. The posts contained name and contact information, which appears to be valid, and could have been secured as part of an account take over."
"The posts ALSO appeared to contain credit card information -- however, these credit cards are not associated with financial information on file for these users at eBay or PayPal."
[Comfyllama] I think there is even question as to whether these were even real credit cards.
"We're in the process of reaching out by phone to these members, so that if the information is valid somehow -- regardless how this fraudster acquired the information -- these members can take the steps they need to take to protect themselves."
"eBay and our forums vendor, LiveWorld, began taking steps to remedy the situation within an hour after it started. As things evolved behind the scenes, a decision was made to make the Trust & Safety forum unavailable to our Community. It's still temporarily inaccessible, as the teams work on this issue."
Commentary:
There is much speculation about this incident. As I sit and think about this, my mind wonders about all of the possibilities. I have more questions than I do answers. In my opinion, some of the possible causes include (in order of possibility):
1. The victims of this incident were also victims of phishing attacks, directed or otherwise.
2. The victims of this incident are using computers that have been "botted".
3. This is the result of an eBay insider.
4. eBay was actually hacked, which would take some skill.
5. This is the result of a LiveWorld insider (LiveWorld hosts the forum on behalf of eBay).
6. LiveWorld was hacked.
There are a bunch of conceivable avenues for attack here, and there is much discussion floating around right now. A recent rumor claims that CVV2 codes were posted along with the other credit card data. If this turns out to be true, then it only adds to the bad news.
Hopefully, time will tell what the cause of this incident is/was.
"eBay stores financial data on millions of users and its platform is used to transact billions of dollars in sales. "Irrespective of the scope [of the data breach], the target makes it significant," - Mark Rasch, FTI Consulting
Past Breaches:
Late 2006 through ? - A hacker (or cracker if you prefer) claims to have broken into eBay's internal systems and taunts the auction giant.
Has "Vladuz" returned?
eBay lied IMO. IMO, they were/are hacked to the core. I spoke to a few of the victims as the event occurred. They verified the info was theirs and correct. Yes, the 3 digit CVV were in fact posted. Everything down to the time & date the members joined eBay was posted.
I also recorded that on video and posted it to YouTube, which BTW was removed within around 24 hrs without any real reason ever given.
I have screencaps and the live screenrecorded videos I made that morning still posted on my blog.