Re: heads up... ebay compromise

[H Morrow Long <morrow.long () YALE EDU>]

That press release / advance notice looks fairly definitive.

EBay may have struggled with just how to communicate 'Your password is not
actually compromised as far as we know because it was encrypted (or was it
cryptographically hashed?) but we want you to change your password anyway
because intruders were able to break into our database of encrypted
passwords.  Note, your are safe as far as we know -- but you should change
your password now anyway.'

Particularly when 112 million accounts are involved.

Morrow



On Wed, May 21, 2014 at 9:53 AM, Mally Mclane <mally.mclane () bristol ac uk>wrote:

> On 21 May 2014 14:51, H Morrow Long <morrow.long () yale edu> wrote:
> > Hold on for a bit before announcing to a  mass audience (such as a
> > University community).
> >
> > Apparently Ebay/Paypal pulled back the apparent announcement recently.
>  No
> > word from them as to what is going on or why.
> http://in.reuters.com/article/2014/05/21/us-ebay-password-idINKBN0E10ZT20140521
>
> it's still on their corporate site...
>
>
> http://www.ebayinc.com/in_the_news/story/ebay-inc-ask-ebay-users-change-passwords
>
> Mally
>
>
> > Morrow
> >
> >
> >
> > On Wed, May 21, 2014 at 9:40 AM, Mally Mclane <
> mally.mclane () bristol ac uk>
> > wrote:
> > > On 21 May 2014 14:34, Harry Hoffman <hhoffman () ip-solutions net> wrote:
> > > > Hi All,
> > > >
> > > > Just a heads up:
> http://www.theverge.com/2014/5/21/5737914/ebay-will-ask-all-customers-to-change-passwords-after-massive-breach
> > > It surprises me they only have 112million accounts...
> > >
> > >
> > > --
> > > Mally Mclane
> > > Communication and Collaboration Services Manager
> > > University of Bristol
>
>
>
> --
> Mally Mclane
> Communication and Collaboration Services Manager
> University of Bristol