728_header.jpg (23748 bytes)
Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon
Subscribe to our 2 FREE Newsletters!
Google  Web AuctionBytes  

Home
Subscribe
Blog
Letters to Editor
Podcasts
Forums
AuctionBytes TV
ABU Back Issues

Sponsor

COOL TOOLS

Calendar
eBay Fee Calculator
Collectors' Links
eBay Promo History
Bookshelf
Fraud Resources
Auction Site Fees
Auction Management
Payment Services
Storefronts Chart
Sniping Chart
Consignment Services
Drop-Off Store Laws
Ecommerce Resources
Photo Tips
Marketing Inserts
Yellow Pages
Classifieds

AUCTIONBYTES

Our Writers
Write For Us
Partners
Press
Advertising
About Us
Link To Us
Ina Steiner AuctionBytes Blog
News and insight focusing on
ecommerce and the online auction industry
by Ina Steiner, Editor of AuctionBytes.com
September 25, 2007
Perminate Link for Update on eBay Security Issue   Update on eBay Security Issue
By: Ina Steiner
Tue Sept 25 2007 14:07:47
eBay's Trust & Safety board remains closed after eBay took it down this morning when threads began appearing listing what appeared to be confidential user information. (See article here.)

We've contacted several people whose information appeared to be exposed in an effort to verify whether the information in the postings were correct. Multiple people have confirmed their address was correct. One person said the credit card number did not belong to him, and others have yet to get back to us to confirm their credit card number one way or the other.



Users have speculated that Vladuz may be behind the incident. While the posts did not contain the name Vladuz, they contained a line, "SGI Inc. - emocnI gnitareneG rof snoituloS." The letters are Solutions of Generating Income spelled backwards. When the Romanian hacker Valduz posted in February on the eBay boards, one of the names he used was Vladuzsgi.

eBay said at the time that while Vladuz had obtained access to a "handful" of customer service representatives' email accounts, he never hacked into the site or accessed any customer data.

We are still waiting to hear from eBay about this morning's incident.

Update: 9/25/07 2:45 pm Eastern
eBay's Chatter blog acknowledged the incident at 2:15 and stated that the credit card information that appeared in the postings was not linked to financial information on file for those users at eBay or PayPal.

Reading AuctionBytes Blog: Update on eBay Security Issue
Comments (72) | Permalink
Readers Comments

Update on eBay Security Issue   Update on eBay Security Issue
by: Wendy
Tue Sep 25 14:25:04 2007
Although I managed to copy 990 names before the site was closed, and although the informaton appears correct for the listings, just because a person's name doesn't appear on the list, means that they're safe.  Nobody knows how many names were compromised, only that 990 were posted.  A small percentage of eBay users, but since eBay isn't talking, we have to assume the worst.  Everyone's information has been compromised.  Don't leave it to eBay to correct this problem.
Update on eBay Security Issue   Update on eBay Security Issue
by: dimes
Tue Sep 25 14:37:12 2007
For the first time in memory, I'm getting an error message and the dreaded red 'X' when trying to post to a thread about this topic on the paypal discussion board:

An error occurred processing your message.


I'll bet it did.
Update on eBay Security Issue   Update on eBay Security Issue
by: Boycott Ebay
Tue Sep 25 14:41:06 2007
Definitely anyone should assume the worst since Ebay is clearly busy covering up. Message board posts yanked; About Me page with partial 'exposed members' list yanked; call Ebay and they hang up when you tell them you are concerned about this possible identity theft situation. If all is well, then what are they trying to hide?? Why take chances? Don't trust Ebay to fix this. Do it yourself.
Update on eBay Security Issue   Update on eBay Security Issue
by: hoosier
Tue Sep 25 14:43:15 2007
Wendy, please go to the SC board on ebay and post on one of the threads about this...people are wanting to know if their ID names are on that list.

Nothing else needs to be told ...just yes or no to a name.

So far you seem to have the more names than anyone else I have spoken to.
Thank you!!!!
Update on eBay Security Issue   Update on eBay Security Issue
by: Jennifer
Tue Sep 25 14:45:49 2007
My DB post letting others know I have a screenshot was pulled on the pretense that my signature line was in violation. Ha! I doubt that. Definite attempt to cover-up on eBay's part. Disappointing. I expected more professional behavior from them. I see I was expecting too much.
Update on eBay Security Issue   Update on eBay Security Issue
by: Terry
Tue Sep 25 15:30:33 2007
I expect Ebay should now do what they do best SWEEP it under the RUG. Wonder how big a rug they have? This is something that just won't GO AWAY by ebay pulling and deleting information posted on their boards. Funny how the MODERATERS have time for trivial matters but don't see something this important for what at least AN HOUR?? FIRE all the Board Moderaters and start over with compitant Mods.

Anyhow care to BUY or Sell something today? It is laughable.

Update on eBay Security Issue   Update on eBay Security Issue
by: dimes
Tue Sep 25 15:34:17 2007
Someone claiming to be vladuz has put up a  video of the posts on youtube.

http://www.youtube.com/watch?v=_q9m2iFsz9M
Update on eBay Security Issue   Update on eBay Security Issue
by: Boycott Ebay
Tue Sep 25 15:54:29 2007
(quote)by: dimes
Tue Sept 25 2007 15:34:17
Someone claiming to be vladuz has put up a  video of the posts on youtube.

http://www.youtube.com/watch?v=_q9m2iFsz9M (unquote)
Vladuz COMMENTED on that video. He did not post it. The person who posted the video is one of the good guys who frequently documents Ebay attacks and hacks. He is NOT Vladuz nor does he claim to be.

http://www.youtube.com/watch?v=_q9m2iFsz9M
Update on eBay Security Issue   Update on eBay Security Issue
by: IG
Tue Sep 25 16:10:43 2007
I don't know if my account was on the list, but I woke up to an e-mail from eBay saying that my account was compromised and had been used to send out messages.(only) I went through the routine of changing my password (which I assure you was not a ''weak'' one) and after logging back into eBay, and examining the sent messages, (which were ALL sent this morning 9/25/07) they all say:

web: (watyo77.com)
Mail: watyo77@hotmail.com
MSN: watyo77@hotmail.com
Best regards
 
Now, Doing a google search on ''watyo77'' shows not only that it is a Chinese company selling electronics, but also yielded several eBay auctions dated as early as 9/19 that have an identical ''question from e-bay member'' posted.

My point is: (A) I don't think that my password was hacked. I think that eBay's system was hacked into (circumventing my pwd). and (B) I think that this has been going on certainly since before today, since 9/19 and perhaps before that.
Update on eBay Security Issue   Update on eBay Security Issue
by: Fruity
Tue Sep 25 16:29:30 2007
Oh Wendy can't post the names of those who were compromised, not on any ebay site. The minute she does she will be permanently suspended from any ebay function. That is how Ebay handles the whistleblowers. But a reputable site outside of ebay where you can allow others to see if they are victims of this would be more appropriate and safer

Only on ebay do people have to live in fear of being hacked, fear of opening your mailbox or responding to people. And why is that? Is the technology not capable of ensuring user information or is the site not equipped to handle it? Whatever the case, being in fear benefits ebay. Skype will come down and save the day and when pitched as the tool of choice for secure transactions, they'll get high user adoption and it'll be a success!

Ebay has such POS user registration screening, anyone can get in to hijack & harvest your information. Most of those hackers and hijacks, those are from users that are either inactive/dormant or IDs that were registered years ago.
Update on eBay Security Issue   Update on eBay Security Issue
by: Fruity
Tue Sep 25 16:35:17 2007
Bill Cobb comes back & the hackers unleash hell. Coincidence? Maybe they're tired of his back talk and the management way of talking down to ebayers
Update on eBay Security Issue   Update on eBay Security Issue
by: dimes
Tue Sep 25 16:36:31 2007
Sorry for the misidentification, 'Boycott eBay'.  Sometimes it's difficult to tell the good guys from the bad, particularly when they both have to resort to similar methods of documenting eBay security breaches.
Update on eBay Security Issue   Update on eBay Security Issue
by: cornercube
Tue Sep 25 16:45:43 2007
LiveWorld, host to eBay Discussion Boards, has a content filter in place. Posts containing the phrase "credit card" are rejected.
Update on eBay Security Issue   Update on eBay Security Issue
by: Giovanni
Tue Sep 25 17:05:28 2007
@Dimsey. I posted that video.
I object to your misguided mis-characterization.

When has hack-Meister Vladuz posted a video?

When has Cappnonymous hacked ebay?

When has either acted similarly?
Update on eBay Security Issue   Update on eBay Security Issue
by: hoosier
Tue Sep 25 18:12:10 2007
Well Wendy can find my OT thread on SC and email me, I will then send her an off ebay email and we can go from there...:)
Been on ebay almost 8 years and have never seen this happen before to such a degree, have also never seen sales as slow as they have been all summer either.
Update on eBay Security Issue   Update on eBay Security Issue
by: dimes
Tue Sep 25 18:41:21 2007
Oh, please - let's not split hairs.

Vladuz has posted screencaps of hacked eBay info.  The fact that they're not animated doesn't mean they're not visual documentation of a security breach.

Or was it you who posted these?

http://i24.tinypic.com/14kicqp.jpg

http://i21.tin
ypic.com/v80gtu.jpg
Update on eBay Security Issue   Update on eBay Security Issue
by: Boycott Ebay
Tue Sep 25 19:28:00 2007
OK. Let's not split hairs but let's not shoot the messenger either. Cappnonymous has spent hours upon hours documenting this kind of attack on Ebay users. He has no motive but to see it stopped. We should ALL be so dedicated to that cause! Thank you, Giovanni.
Update on eBay Security Issue   Update on eBay Security Issue
by: A
Tue Sep 25 19:52:57 2007
Actually, with all the foreign spam we get is it any guess that ebay was hacked within the last month?
Update on eBay Security Issue   Update on eBay Security Issue
by: Jennifer
Tue Sep 25 20:34:38 2007
The YouTube video was not produced by the hacker. There were comments beneath that could have been from the hacker. This is not the first YouTube hacking video I've seen. They are community service spots. You can see that the user's sensitive info was protected in the video. Would a hacker do that? I swear I wonder where people's common sense is sometimes.
Update on eBay Security Issue   Update on eBay Security Issue
by: Wendy
Tue Sep 25 21:01:40 2007
As I'm sure you all know by now, the list has been promulgated by many sources.  I have about 990 names on my list, and tried to post them on eBay, but it was removed and I was warned under pains of suspension not to repost it.  I have not, but I did contact some of the people whose information I was able to view.  The responses have been eye-opening and I will no longer trust eBay with any correct personal financial information.
Click to view more comments
1 2 3 4  [Next Page]


Leave your comment for
Update on eBay Security Issue
 
Name:
Email:
Link Email: No.   Yes.
Subject:
Web Site:
 9 2 9 7 5 2
Enter Code:
Comments:
   
Recent Posts

Recent Comments





Archives
Site Index
Copyright 1999-2009. Steiner Associates LLC. All rights reserved. Privacy Policy.


Powered by Perl Web Blog
© 2005/2009 Ranson's Scripts