Security

eBay's historic cyberattack under fire from U.S. & U.K. investigators

eBay
Image Credit: eBay
Successful CMOs achieve growth by leveraging technology. Join us for GrowthBeat Summit on June 1-2 in Boston, where we'll discuss how to merge creativity with technology to drive growth. Space is limited. Request your personal invitation here!

Update 12:34PM ET: A quote provided by Jumio inaccurately stated that eBay used KBA and has been removed.

eBay is facing an investigation in the U.K. and three U.S. states after sustaining a massive cyberattack.

Yesterday, eBay revealed that a database containing the sensitive, personal details of its 145 million active users was compromised two months ago. The breach, possibly the second largest in U.S. history, is now under scrutiny in Connecticut, Florida, and Illinois, BBC News reports.

A joint investigation between the three states is already underway. Meanwhile, a pending investigation led by the U.K.’s information commissioner is reportedly hitting roadblocks due to “outdated and complex data protection laws.”

Immediately following the breach, security firms jumped at the opportunity to call eBay’s security practices into question. In an email to VentureBeat, a strategist at security and threat analysis firm Rapid7 highlighted that eBay “still has the ability to invalidate compromised passwords,” despite the friction it may cause users.


VentureBeat’s VB Insight team is studying marketing analytics... Chime in here, and we’ll share the results.