728_header.jpg (23748 bytes)
 EB Blog 
 AB Blog 
EcommerceBytes-NewsFlash, Number 3337 - June 05, 2014 - ISSN 1539-5065    1 of 3

Etsy Blames eBay Hack for Sudden Rise in Account Hijackings

By Ina Steiner
June 05, 2014

Email This Story to a Friend

Etsy issued an unusual warning to users on Tuesday about site security - it appears the hackers who compromised eBay's user database are hijacking Etsy user accounts, most likely in cases where members used the same password on both marketplaces.

"Over the last few days, Etsy's security and risk teams have been tracking an increased volume of spam in convos," Etsy explained.

"If you have been following the news recently, you may have seen that a number of high-profile websites have suffered security incidents. We recognize that some Etsy members use the same usernames and passwords across multiple sites, and that they may be victims of the recent attacks aimed at other websites."

Etsy said it had no indication that it had suffered any compromise. "We currently believe that the uptick in convo spam that we are seeing is a direct result of usernames and passwords stolen in other attacks being used to login to some Etsy members accounts, but we want you to know that your financial and credit card information has not been compromised."

Michael Rembetsy, Etsy Vice President of Technical Operations, shared recommendations for how users could keep their accounts secure:

  • Change your password to a new, secure password. You should do this any time another site you use is found to have been compromised, especially if you’re using the same username or password elsewhere.

  • Enable two-factor authentication, which adds an extra measure of security in addition to your password.

  • Enable sign-in notifications if you are concerned about unwanted activity on your account. If Etsy detects anyone signing in to your account from a new browser or device, you will get an email notification. And if you are signing in via a new browser or device, you’ll be given the option to add it as a trusted device.

He linked to more information on how to accomplish those steps, you can read the full warning on this Etsy blog post.

Finally, Rembetsy warned users to be cautious when receiving "convos," Etsy slang for user-to-user messages, and to be cautious of following any links they may contain.

About the author:

Ina Steiner is co-founder and Editor of EcommerceBytes and has been reporting on ecommerce since 1999. She's a widely cited authority on marketplace selling and is author of "Turn eBay Data Into Dollars" (McGraw-Hill 2006). Her blog was featured in the book, "Blogging Heroes" (Wiley 2008). Follow her on Twitter at @ecommercebytes and send news tips to ina@ecommercebytes.com.

You may quote up to 50 words of any article on the condition that you attribute the article to EcommerceBytes.com and either link to the original article or to www.EcommerceBytes.com.
All other use is prohibited.

Email This Story to a Friend
Email this story to a friend.

1 of 3

Sponsored Ad