Page 1 of 2 12 LastLast
  1. If you don't already know, eBay was hacked due to the Heartbleed bug in openSSL. If you haven't done so already, you should change your password at eBay.

    This link: Safe Web - Heartbleed Check will allow you to check any HTTPS:// page for the bug.

  2. #2
    Ger21's Avatar
    Lives in Detroit, United States. Last Activity: 7 Hours Ago Has been a member for 4-5 years. Has a total post count of 313. Received thanks 40 times, giving thanks to others 0 times. Referred 1 members to the community.
    I got an email from Ebay this morning.

    Mach3 2010 Screenset

    JointCAM - CAM for Woodworking Joints

  3. #3
    Irving I don't think it was the heartbleed script, but more of an insider hack. here's the official notice from ebay Important

  4. Ok. I was responding to a media report. I've not had anything formal from eBay :(

    But the link is still useful!

  5. Hi,

    If you go to ebay and login, you will be asked to reset your password and this is what they have to say about it:

    Keeping Our Buyers and Sellers Safe and Secure on eBay

    On Wednesday, we announced that we are asking all eBay users to change their password. This is because of a cyberattack that compromised our eBay user database, which contained your encrypted password.
    We take security on eBay very seriously, and we want to ensure that you feel safe and secure buying and selling on eBay. So we think it’s the right thing to do to have you change your password. And we want to remind you that it’s a good idea to always use different passwords for different sites and accounts. If you used your eBay password on other sites, we are encouraging you to change those passwords, too.
    Here’s what we recommend you do the next time you visit eBay:

    • Take a moment to change your password. This will help further protect you; it’s always a good practice to periodically update your password. Millions of eBay users have already updated their passwords.
    • Remember to always use different passwords on different sites and accounts. If you haven’t done this yet, take the time to do so.

    Meanwhile, our team is committed to making eBay as safe and secure as possible. We are looking at other ways to strengthen security on eBay. In the coming days and weeks we may be introducing new security features. We’ll keep you updated as we do.
    Thanks for your support and cooperation. eBay is your marketplace, and we are committed to keeping it one of the world’s safest places to buy and sell.
    Devin Wenig
    President, eBay Marketplaces

  6. #6
    From the Heartbleed website Heartbleed Bug "Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug."

    I would like to think ebay would have fixed any bugs in the security of their servers well before now, knowing that the heartbleed bug has been out there for more than 2 years. If they knew and did NOTHING to protect all ebay users, then they should at least compensate all users by giving them back the fees charged for the last 2 years as they have left us all vulnerable to data theft and not provided a secure service for which they charge their fees.

  7. The problem was that no one new about it over that time, it was discovered not so long ago while some guys worked on something else.

    Last edited by Lee Roberts; 25-05-2014 at 03:09 PM.

  8. #8
    Neale's Avatar
    Lives in Plymouth, United Kingdom. Last Activity: 8 Hours Ago Has been a member for 3-4 years. Has a total post count of 593. Received thanks 79 times, giving thanks to others 5 times.
    I haven't seen anything official to suggest that eBay was compromised by the Heartbleed bug, and the reports I have seen appear to say that eBay was pretty quick in to install the fix. This looks like a different issue.

  9. #9
    there is much more to this than gets publicised, its not just the heatbeat bug, its a number of disclosures over the past 18 months over purpose built in holes in security standards, all converging. remember google, yahoo, microsft got hacked a few months ago aswell. If they got the databases you can guarantee they broke the encryptions.

    I wander when apple is going to fess up

    And if anyone thinks the introduction of heartbeat was accidental, and not forced by NSA and the like, should look at the dates relative to they dates they got access to the intercommunication of google ssl servers, as published by Edward Snowdon
    Last edited by george uk; 25-05-2014 at 11:19 PM.

  10. George, if you get time and havnt already, watch this: Mikko Hypponen - How the nsa betrayed the worlds trust, time to act. I think you may find it intresting.

    Last edited by Lee Roberts; 25-05-2014 at 11:44 PM.

Page 1 of 2 12 LastLast

Similar Threads

  1. The CNC machine I won on ebay
    By cubikoman in forum Machine Discussion
    Replies: 4
    Last Post: 08-02-2015, 08:02 PM
  2. Machine on ebay what do you think
    By alboy in forum Marketplace Discussion
    Replies: 9
    Last Post: 23-09-2013, 11:51 AM
  3. Heads up, ebay
    By Robin Hewitt in forum Computer Software
    Replies: 4
    Last Post: 22-08-2010, 05:13 PM
  4. Bargain for someone on eBay
    By irving2008 in forum General Discussion
    Replies: 2
    Last Post: 17-07-2010, 08:48 PM
  5. Beaver on eBay
    By irving2008 in forum General Discussion
    Replies: 4
    Last Post: 22-01-2010, 08:33 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts