Over a week has gone by since eBay revealedcriminals had gained unauthorized access to its corporate network and user data, and the fallout continues. A few states vowed to launch an investigation of their own, and there are reports of other vulnerabilities that could put eBay user data at risk.
Connecticut’s Attorney General said he would look into the circumstances surrounding the breach as well as the steps eBay was taking to prevent any future incidents. He even took to Facebook to announce the investigation.
Florida’s Attorney General said her office was part of a group of other attorneys general in the country investigating the eBay breach, and Massachusetts’ AG said her office was working with other states to closely monitor the situation.
New York’s Attorney General said his office asked and fully expected eBay to provide free credit monitoring services to customers impacted by the breach.
Meanwhile, reports like this one on Hacker News said there were other vulnerabilities that could allow an attacker to compromise eBay users’ accounts again.
eBay told EcommerceBytes on Thursday it was working with law enforcement and leading security experts to aggressively investigate the matter. Spokesperson Ryan Moore said, “Nothing is more important to eBay than ensuring the security of our customer¹s information and the protection of their data and we are committed to doing the right thing for them. We are committed to working with the relevant regulatory and governmental authorities to address their questions about this matter. We have proactively reached out to relevant authorities to work with them and will continue to cooperate as we go forward.”
And as we reported on Tuesday, auctions have taken a hit due to eBay requiring all users to reset their passwords, and eBay is refunding some seller fees and allowing sellers to cancel some auctions through Saturday.