OT. EBAY hacked.

[snip]

Thanks for the ad hominem attack, Doug. You're in fine form today.

FWIW, I attempted to view the message to which you refer, three separate times, doing a manual log-in so that I would not chance blowing by the message on the

site. No message/warning ever showed up until, as I said, I attempted to change my password.

Now, almost twelve hours later, I go to

and lo and behold there is the message prominently displayed, as you said, on the main page. Can't miss it and I DIDN'T miss it this morning because it wasn't there.

Since I'm on the same internet connect (static IP address), the same computer (that has not been rebooted) and the same iteration of Firefox, perhaps the problem was that the message had not made its way through Ebay's server farm and I was hitting on a server that had yet to be updated. I dunno but I do know it wasn't there when I diligently looked for it this morning and your insinuation notwithstanding I'm not stupid or blind.

Problem is, not everyone logs into ebay everyday. They should have emailed the users to alert them. (They think nothing of sending mother email, so it's not like they have something against email). I just tried logging out and then going to the main site and didn't get a message, so I'm not sure if the message only shows for registered users? (Or maybe it's a cookie thing). I usually go to the site and don't bother to log in unless I see something I want to watch.

I read about the hack early this morning. I haven't gotten my "followed" searches for two days, so went to check out their online forum to see if anyone else was complaining, and that's when I saw mention of the problem. And then when I went to my account, that's when I got the on screen message.

When you buy something on Ebay it takes you straight to Paypal to pay for it, so of course they are going to know the Paypal account. If you have a different PWD for Paypal, then they won't be able to pay for it. But you'd still have the problem of dealing with Ebay over undoing the bogus purchases, etc. And also, most people use the same PWD for multiple accounts. They could try using your PWD from Ebay to gain access to other places that they could try to access using what they know or can guess about you.

This link

leads to search results on PC World. There are about three articles there regarding the Ebay hack. The one I read yesterday said hackers can cause mischief just by getting the unencrypted info like name, address etc.

But probably not as much mischief as you or I could cause just closely following some Twitter or Facebook feeds. It's unbelievable the crap that some people post there.

The IT oriented blogs are giving eBay awards for the suckiest handling of a security breach yet. The news was all over The Register, Betanews, and Slashdot before eBay got around to putting a lame suggestion that you might want to change your password on their homepage.

I believe the whole story about the heartbleed bug and now the hacked ebay profiles is a way to provoke users to change their passwords. My theory is that NSA is prepared for a mass password change.. I hope I'm wrong..

eBay Important Password Update Reset Your Password eBay Inc. Information Site Keeping Our Buyers and Sellers Safe and Secure on eBay

On Wednesday, we announced that we are asking all eBay users to change their password. This is because of a cyberattack that compromised our eBay user database, which contained your encrypted password.

We take security on eBay very seriously, and we want to ensure that you feel safe and secure buying and selling on eBay. So we think it?s the right thing to do to have you change your password. And we want to remind you that it?s a good idea to always use different passwords for different sites and accounts. If you used your eBay password on other sites, we are encouraging you to change those passwords, too.

Here?s what we recommend you do the next time you visit eBay:

Take a moment to change your password. This will help further protect you; it?s always a good practice to periodically update your password. Millions of eBay users have already updated their passwords. Remember to always use different passwords on different sites and accounts. If you haven?t done this yet, take the time to do so.

Meanwhile, our team is committed to making eBay as safe and secure as possible. We are looking at other ways to strengthen security on eBay. In the coming days and weeks we may be introducing new security features. We?ll keep you updated as we do.

Thanks for your support and cooperation. eBay is your marketplace, and we are committed to keeping it one of the world?s safest places to buy and sell.

Devin Wenig

President, eBay Marketplaces Copyright © 1995-2014 eBay Inc. All Rights Reserved. User Agreement, Privacy and Cookies.

It takes you straight to paypal based on the Paypal email address and password that is stored in the customer's computer. Of course they could keep track of that, but they havent said that they do.

I do have a different password.

If that turns out to be a problem, I'll remind them that it's the fault of their low security that they were hacked. And I have two more Ebay id's i can use in the meantime.

They could try it, but I don't use the same pswd for any two things.

I certainly don't use my birthday. The thought never occurred to me.

I'll add that if you use the eBay app on an iPad, the Password Update message is there, but only if you scroll down to the bottom of the app's home page. That is not typically what a user needs to do, at least not me, so I didn't see the message until I decided to actually look for it based on this discussion.

I changed my password on the main site through FF only after hearing about it in this forum. At the time I changed it, there was no message on the home page. As others have said, the only time I saw the message was when I was already on the password change screen. That's just a tad too late.

I don't think so. I've logged on to Ebay from PC's that are not mine, bought things, and it takes me straight to my Paypal account to log in, just like it does on my own PC. Also, when I've done a system restore, starting out with a clean PC, I haven't seen a difference. I'm pretty sure the Paypal account ID is stored at Ebay.

Of course they

Just by the way it works, it sure seems to me they do.

Yes, I'm sure it can be straightened out, but the point is it's just one more hassle if they get into your account, start ordering stuff, etc.

On 23 May 2014, DerbyDad03 wrote in alt.home.repair:

I changed my password early this morning. There was a large notice at the top of the main page before I changed it, and that notice is still there now, plus a highlighted button at the top: