Exclusive: EBay initially believed user data safe after cyberattack
By Jim Finkle and Deepa Seetharaman
BOSTON/SAN FRANCISCO (Reuters) - EBay Inc initially believed that its customers' data was safe as forensic investigators reviewed a network security breach discovered in early May and made public this week, a senior executive told Reuters on Friday.
EBay has come under fire over its handling of the cyberattack, in which hackers accessed personal data of all 145 million users, ranking it among the biggest such attacks launched on a corporation to date.
"For a very long period of time we did not believe that there was any eBay customer data compromised," global marketplaces chief Devin Wenig said, in the first comments by a top eBay executive since the e-commerce company disclosed the breach on Wednesday.
EBay moved "swiftly to disclose" the breach after it realized customer data was involved, he said.
Wenig would not say when the company first realized that the cyberattackers accessed customer data, nor how long it took to prepare Wednesday's announcement.
He said hackers got in using the credentials of three corporate employees, eventually making their way to the user database.
Hackers accessed email addresses and encrypted passwords belonging to all eBay users. "Millions" of users have since reset their passwords and the company had begun notifying users, though it would take some time to complete that task, Wenig said.
"You would imagine that anyone who has ever touched eBay is a large number," he said. "So we're going to send all of them an email, but sending that number all at once is not operationally possible." Continued...