Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More

Update 12:34PM ET: A quote provided by Jumio inaccurately stated that eBay used KBA and has been removed.

eBay is facing an investigation in the U.K. and three U.S. states after sustaining a massive cyberattack.

Yesterday, eBay revealed that a database containing the sensitive, personal details of its 145 million active users was compromised two months ago. The breach, possibly the second largest in U.S. history, is now under scrutiny in Connecticut, Florida, and Illinois, BBC News reports.

A joint investigation between the three states is already underway. Meanwhile, a pending investigation led by the U.K.’s information commissioner is reportedly hitting roadblocks due to “outdated and complex data protection laws.”


Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.


Register Now

Immediately following the breach, security firms jumped at the opportunity to call eBay’s security practices into question. In an email to VentureBeat, a strategist at security and threat analysis firm Rapid7 highlighted that eBay “still has the ability to invalidate compromised passwords,” despite the friction it may cause users.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.