| |
 |
| |
Hacker breaks into eBay server
Targets extremely small number of users
October 9, 2007-According to a company report, a hacker broke into one of eBay Inc's server and temporarily suspended the accounts of a "very small" number of members.
"We were able to block the fraudster quickly before any permanent damage had been done. At no point did the fraudster get any access to financial information or other sensitive information," said eBay spokeswoman Nichola Sharpe in an email to IDG News Service.
"The fraudster did this (the hack) by accessing externally visible servers," Sharpe added.
The incident occurred just over a week after a user posted confidential information about eBay users in an eBay discussion forum. The forum was shut down shortly after it was revealed that the same person responsible for the confidential data disclosure also posted the names and contact information of reportedly 1,200 eBay members along with credit card numbers that were later found to be invalid.
Several of the eBay users affected by the attack reportedly received emails from an eBay user known as Vladuz, who said that he had targeted them for posting past comments in eBay forums that were "critical of him."
Vladuz, according to AuctionBytes.com, has been targeting eBay for about 10 months. Vladuz has stolen login information in the past that has allowed him to post messages to eBay discussion forums as if he were a legitimate eBay employee.
According to AuctionBytes.com, who first reported this story late last week, one such user said that an email from Vladuz said simply "stop saying sh*t stuff about me, a**hole."
After the user attempted to log into a discussion forum, she received an email saying that she was suspended due to seller non-performance issues, even though she does not sell items on eBay.
Regarding her past comments about Vladuz, the user said "I admit I had been less than complimentary about him on the boards."
"eBay faces attacks to compromise its systems every day," Spokeswoman Sharpe said in the email to IDG sent last Friday. "After learning of the recent situation, we quickly reacted to it. As we continue to lock down on the traditional ways that bad guys have attempted to exploit our system, it is only natural that they will look for new ways to get in. It's an ongoing battle."
At press time, there was no official word as to who was behind the attack. Although evidence seems to point to Vladuz, there is no conclusive proof, as of yet, that he was actually responsible, or even involved, in these extremely targeted security hacks.
Read More Articles
|
|
|
Privacy Policy Code of Ethics Articles