If you use eBay, you might want to change your password. The e-commerce site says a cyber attack compromised a database and exposed customers’ names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth.
The company said Wednesday that there is no evidence that any financial or credit card information was stolen and no sign that the breach has resulted in unauthorized activity for its 145 million active users.
Cyber attackers stole a small number of employee log-in credentials that gave access to eBay’s corporate network, the company said. The San Jose, California-based company is working with law enforcement to investigate the attack. The database was hacked sometime between late February and early March.
EBay said user passwords were encrypted, but snagging personal information can pose trouble too. With an email address or phone number, hackers have a gateway to start other scams that could prompt consumers to reveal more information.
So when encouraged to change a password because of a hack, or another security problem, like the recent Heartbleed bug, don’t wait. Experts also say it’s a good idea to change that password every six months. Avoid passwords that include personal information that’s easy to uncover like your birthday, a spouse’s birthday or an address.