Is eBay Leaking Information?

from the just-wondering... dept

The Associated Press has a story about a man who's been indicted for getting his hands on a bunch of eBay accounts, including credit card info, and using those accounts to purchase $32,000 worth of gift certificates. Yet another eBay scam isn't that interesting, of course, but what's unclear from the article here is exactly how this guy got the info. The article says: "he hacked into online auctioneer eBay Inc.'s site, stole users' credit card numbers and then used them." That would imply that there's a problem on eBay's end, and they have some sort of security hole that this guy exploited. If that's the case, it's an issue that eBay might want to address, because it could put other people at risk. However, the article barely focuses on that part at all, so it's possible that this was a more typical scam (phishing, perhaps) that allowed the guy to get account info and credit cards. Still, it would be nice to know whether or not others are at risk.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    anonymous Coward, 5 Jan 2006 @ 8:27pm

    ebay

    "he hacked into online auctioneer eBay Inc.'s site, stole users' credit card numbers and then used them."

    link to this | view in chronology ]

  • identicon
    Don Gray, 5 Jan 2006 @ 8:33pm

    A little more Info...

    Slightly better info here.

    He is charged with Larceny (unlawful taking) by a single scheme as well as inappropriately accesing computer information.

    Wonder if this and this are the same guy?

    link to this | view in chronology ]

  • identicon
    Jeremy Rice, 5 Jan 2006 @ 10:02pm

    ebay credit card problem

    If ebay has a problem with customer data being exposed then they would be obligated to inform the public...I doubt they would ignore this obligation as they could potentially face larger legal issues if they were caught breaking the law.

    link to this | view in chronology ]

  • identicon
    Zach Skaggs, 6 Jan 2006 @ 3:11am

    The Media

    If ebay had a security hole, the media would jump ALL OVER IT. Think about it. They will SLAM Microsoft for a small security hole that Microsoft finds and fixes on it's own that was most likely never exploited. If ebay had a flaw allowing for peoples credit card information to be stolen, we'd never hear the end of it.

    link to this | view in chronology ]

  • identicon
    Chris H, 6 Jan 2006 @ 5:19am

    No Subject Given

    Someone above said eBay would be obligated under law to disclose if customer information was comprimised. Is this true? I often here reports of this kind of data loss, and the question is always how many other losses are there that go unreported.

    link to this | view in chronology ]

    • identicon
      Pat, 10 Jan 2006 @ 5:15am

      Re: No Subject Given

      I know from personal experience that ebay must have some kind of hole and they refuse to admit it. In late November, I had a bunch of auctions for high end electronics stuff just appear on my seller's list one morning. They were NOT my auctions. Thank goodness the scammer didn't change my password soI wasable to still sign in and get to safe harborlive help to get it sorted out. Ebay didn't even ask me which item numbers were the problem. They disappeared in a flash. I had to jump through all kinds of hoops to get everything sorted out, but it got resolved pretty fast. I know for a fact that I had not clicked on a phishing email....I'm super careful.....so how did the crook hack my account ???????About a week later another seller I know had the same thing happen. I believe it is muchmore common than we know!

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Jan 2006 @ 2:59pm

        ebay hole and fraud

        check for a "dell xps laptop" and you will many 1 day listing with a seperate email in the listing. if you email them they will offer you a sweet price if you pay via western union.
        you'll see many sellers selling the same items under the same "email me for buy it now price, pay via western union." scam

        ebay definitely has a fraud problem.

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Jan 2006 @ 3:00pm

        ebay hole and fraud

        forgot to include my email

        link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.