https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264605#M59854 <P>When passwords are stored in secure databases they are encrypted.</P><P>That means that anyone that has gotten hold of that database still has to de-crypt them to be able to use them. That is very difficult to do unless you also have the encryption keys/algorithms used to encrypt them in the first place.</P><P>&nbsp;</P><P>So IMHO its of little concern that someone has obtained the passwords database. Its unlikely they can make any real use of them. It has been a number of months now since this break-in took place and there are no related reports of use of stolen passwords.</P><P>&nbsp;</P><P>What is more concerning is that they might have also obtained your personal details stored on file that are not encrypted.</P><P>Things like: email addy, home address, phone numbers and the like.</P><P>&nbsp;</P><P>So you may get bombarded with phishing attempts using these email addresses etc. But the usual rules apply:</P><P>NEVER click on links in embedded emails unless you are 110% sure of who the sender is and even then be careful. And hang up on phone calls if they are suspicious. Junk mail throw it out.</P><P>&nbsp;</P><P>IMO its a big media beatup designed by ebay to get some free air time and advertising. People who may have not used their account in a long might log in to change their password and while they are at it, have a browse and buy.</P> Sun, 25 May 2014 00:58:17 GMT clarry100 2014-05-25T00:58:17Z https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264565#M59848 <P><FONT size="2">As hackers already have your private info stored since February and only now ( May) after the damage has been done Ebay</FONT></P><P><FONT size="2">requests change.</FONT></P><P><FONT size="2">Ebay should have requested user Id and password.&nbsp; Starting afresh.</FONT></P><P><FONT size="2">Your views / thoughts. regards Poppy.</FONT></P> Sun, 25 May 2014 00:39:07 GMT https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264565#M59848 poppy-3348 2014-05-25T00:39:07Z https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264587#M59852 <P>Are you suggesting that everyone should close their account and open a new account with a new ID?</P><P>&nbsp;</P><P>If the hackers have your name, address and phone number how hard would it be to cross reference those details to a new ID, or are you suggesting we also change our personal details too?</P><P>&nbsp;</P><P>If you are suggesting that we all just change our IDs on our current accounts then that is pretty useless....ID changes are are noted on your account for all to see.</P> Sun, 25 May 2014 00:53:34 GMT https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264587#M59852 lyndal1838 2014-05-25T00:53:34Z https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264605#M59854 <P>When passwords are stored in secure databases they are encrypted.</P><P>That means that anyone that has gotten hold of that database still has to de-crypt them to be able to use them. That is very difficult to do unless you also have the encryption keys/algorithms used to encrypt them in the first place.</P><P>&nbsp;</P><P>So IMHO its of little concern that someone has obtained the passwords database. Its unlikely they can make any real use of them. It has been a number of months now since this break-in took place and there are no related reports of use of stolen passwords.</P><P>&nbsp;</P><P>What is more concerning is that they might have also obtained your personal details stored on file that are not encrypted.</P><P>Things like: email addy, home address, phone numbers and the like.</P><P>&nbsp;</P><P>So you may get bombarded with phishing attempts using these email addresses etc. But the usual rules apply:</P><P>NEVER click on links in embedded emails unless you are 110% sure of who the sender is and even then be careful. And hang up on phone calls if they are suspicious. Junk mail throw it out.</P><P>&nbsp;</P><P>IMO its a big media beatup designed by ebay to get some free air time and advertising. People who may have not used their account in a long might log in to change their password and while they are at it, have a browse and buy.</P> Sun, 25 May 2014 00:58:17 GMT https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264605#M59854 clarry100 2014-05-25T00:58:17Z https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264649#M59859 <P>If you change your password then your ID becomes secure again,(so there is no need to change it).</P><P>&nbsp;</P><P>The hackers wont attempt to try and get your new password as they'll have thousands of dormant account that</P><P>&nbsp;</P><P>they'll be able to access easily.</P><P>&nbsp;</P><P>They can then use these to scam members or on sell them.</P><P>&nbsp;</P><P>Your user ID without the correct password is near useless to a hacker/scammer.</P><P>&nbsp;</P><P>The only way they might use your name and ID together is for Email phishing attempts,(but you should never</P><P>&nbsp;</P><P>click on a link in any Email so that only gets the gullible)</P><P>&nbsp;</P><P>Identity theft might be the main issue due to the hacker/s,<IMG src="https://community.ebay.com.au/t5/image/serverpage/image-id/36509i66169948367888C4/image-size/original?v=mpbl-1&amp;px=-1" align="middle" border="0" title="stubborn_smiley_by_mirz123-d4bt0te_zps12f1a5a3.gif" alt="stubborn_smiley_by_mirz123-d4bt0te_zps12f1a5a3.gif" /></P><P>&nbsp;</P><P>&nbsp;</P> Sun, 25 May 2014 01:11:23 GMT https://community.ebay.com.au/t5/Selling/Is-it-pointless-JUST-changing-password/m-p/1264649#M59859 go-tazz 2014-05-25T01:11:23Z