|Thu May 22 2014 20:01:30|
Who Takes the Fall for eBay's Massive Data Breach?
By: Ina Steiner
Donahoe. Wenig. Carges. Who at eBay is ultimately to blame for exposing over 230 million users' personal information to hackers?
In the wake of one of the largest online data breaches in history, it's likely that one of these men will not be with the company when the dust settles. Just over 2 weeks ago, Target CEO Gregg Steinhafel was abruptly fired after 40 million credit card records and 110 million personal records were stolen from Target databases - far fewer numbers than eBay's data breach. Though eBay had encrypted the financial data such as social security numbers and credit card numbers, it did not encrypt sensitive data including names, email addresses, addresses and birth dates.
Plenty of media are picking up on the fact that personal data can be used for phishing and identity theft. Taking it one step further - let's say a fraudster uses my personal information accessed through the eBay breach to trick me into handing over my eBay password - will eBay protect me in the event of an account takeover? Multiply that by however many people fall for such a tactic. Some are also asking why eBay didn't encrypt information like addresses, emails and birthdates.
Aside from the breach itself, eBay has been taking hits for the lack of communication with its users after the compromise was discovered. Articles like this one in the UK's Daily Mail, "Why did eBay take THREE MONTHS to reveal cyber attack? Website blasted for "inexcusable" delay after customers details were hacked as long ago as February" are not going to reassure users.
We've set up a poll - who should go?
Create your free online surveys with SurveyMonkey
, the world's leading questionnaire tool.