When polled about which top executive should be accountable for the recent security breach at eBay, a majority of sellers said eBay CEO John Donahoe. But about a quarter of respondents also said the company’s Chief Technology Office (CTO), Chief Security Officer (CSO) and President of eBay Marketplaces should be held accountable as well.
Only 2.3% of EcommerceBytes readers who answered the poll said no one should take the fall.
We introduced the poll in this EcommerceBytes blog post on May 22, one day after eBay revealed the cyber attack, which took place in February and March but had only been detected by eBay 2 weeks prior to the announcement. eBay said cyber attackers had compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network.
In the blog post, we asked, “Who at eBay should take the fall for its one of the largest online data breaches in history? Let us know what you think,” and we provided the names of four executives. Here are the results of the poll:
eBay CEO John Donahoe 87.4%
eBay CTO Mark Carges 27.7%
eBay CSO Eric Martin 24.6%
eBay Marketplaces President Devin Wenig 22.1%
No one 2.3%
We also gave readers the opportunity to select “other.” A good number of respondents wrote in words to the effect of “all of the above,” and some said “the entire management.” “They should ALL go, it’s time for a fresh start with new faces who have experience of ecommerce,” wrote one respondent.
Others pointed to folks in IT:
“The technical teams that design the security programs.”
“IT Dept Head. eBay Execs cannot babysit every dept about such details.”
“Coder who wrote the code that was hacked.”
Others used the Other field to express cynicism about the fallout:
“It was just a “glitch”!!!!”
“Let’s be honest… no one will lose their job over this.”
“Like everything, punish the sellers.”
“Some dumb sacrificial lamb that they can find.”
Some readers who took the poll believed there were other people at eBay responsible for the breach who should take the fall:
“Those who failed to do their job.”
“The employee(s) who didn’t follow security protocols and allowed the breach along with any executive who agreed with keeping the breach silent.
“Whoever leaked it out.”
Another felt shareholders should shoulder some responsibility. “eBay’s entire board should be asset stripped and shareholders should be forced to forgo payouts until every person that’s details were revealed have been financially remunerated. Shareholders should be partly responsible and liable bout time these gamblers got their fingers burnt.”