EBay is asking users to change their passwords because of a cyber-attack that compromised a database containing user data. But the online auction house says that there is no evidence that PayPal accounts have been compromised.
Earlier today a blog post entitled "eBay, Inc. to Ask All eBay users to Change Passwords." appeared on PayPal's site. However, it contained no text and was quickly removed.
After a period of radio silence, eBay has now confirmed in a blog post on its own site that a couple of weeks ago it discovered that it was hacked between late February and early March.
A database containing encrypted passwords and e-mail address, physical address, phone number and date of birth was compromised.
The firm says it has no evidence that the crooks gained access to financial and credit card information, which is stored separately in encrypted formats.
PayPal users seem to be unaffected because their data is stored separately on a secure network, and all financial information is encrypted.
The breach appears to have occurred after hackers compromised some employee log-in credentials, allowing access to eBay's corporate network. The company is now working with law enforcement and security experts to investigate.