Hackers Post Names, Credit Card Info on eBay
Auction site says incident is a hack, not a leak
Users who went to eBay's "Trust & Safety" fraud prevention forum yesterday got a little surprise: Someone had posted the names, addresses, and credit card information of some 1,200 current subscribers on the site.
No, it wasn't an accidental leak from eBay's customer database, according to a report. The information was posted by a hacker who apparently stole the data in a phishing attack.
The attacker, who prefaced a number of postings with "Wheeeeeeeeeeee," posted legitimate names and addresses of eBay users via a script that published about 15 names a minute. However, eBay says it has checked the posted credit card data against its records for each of the users, and it turned out to be fake. The auction site is notifying each of the individuals, so that they can check to see if any of the data is valid.
EBay has temporarily blocked community postings to the Trust & Safety forum and posted a warning to all members.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024