A password database for the online auction site eBay has been hacked and the passwords, names and other personal details of an undisclosed number of users are now in the hands of the bad guys, according to reports from multiple news sources.
A notice posted this morning to the company's blog advises users that they will be asked to change their passwords “later today.”
The company says it was the victim of “a cyberattack that compromised a database containing encrypted passwords and other non-financial data.”
The company says it has “no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats.”
eBay says it is working with law enforcement and security experts to “aggressively investigate” the matter.
There is also no evidence, eBay says, that cyber baddies got hold of encrypted PayPal data, which is stored separately on a secure network.