eBay

bextaqua · ‎22-12-2014

Has anyone else experienced what seems to be some kind of account crossover problem? I went to respond to a seller's message a couple of hours ago (having not logged off the web version - NOT the app - via my phone) and found a series of messages that weren't for me. In fact, I was somehow in another member's account & could see all of their transactions and messages.

I immediately logged out, changed my password, and called eBay (after being issued with a one-off phone verification code).

While the rep was extremely courteous, she was unable to provide me with an explanation and didn't seem interested in contacting the member with the possibly compromised account.

I am really worried that my account may have been similarly compromised and wonder if anyone else has experienced this issue.

bakeandfry · ‎23-12-2014

Myself personaly have not experienced this type of issue ( i use phone), only things i can think of is maybe a teathering issue on bluetooth, but that is a guess, i think its been upgraded from when it was first starting to be used. Even then with bluetooh teathering you have to be in close range, well closer than normal teathering.

*we may be human, but we are still animals*

bextaqua · ‎23-12-2014

Thanks for your reply. I'm still really worried about the issue. I didn't have Bluetooth enabled & was in my home, but that's a point worth remembering for the future too.

I have the other eBayer's user name & email address and have sent them a message to let them know of the breach. I fear that they'll write it off as spam & ignore it.

I'm really surprised that eBay didn't take this more seriously as it's a pretty shocking security issue. I had full access to the user's ability to purchase, message, or amend orders.

And I have never experienced this before either & have been with eBay for well over a decade.

bakeandfry · ‎23-12-2014

Ok only thing i can think of is the other person has synchronised info to.a pc via usb teathering ( pc will get all info from sim) and you would have to just hook up phone via normal usb ( mass storage device) and your got the info, but the chance it was done on same pc would be slim.

*we may be human, but we are still animals*

bextaqua · ‎23-12-2014

Yeah, I'm still scratching my head about this one. Thanks for your reply. I was only logged in, via the website (not app) on a brand new mobile phone (not my computer). I was in my home & didn't have Bluetooth enabled.

The new SIM was popped out of a perforated card I'd just received from the phone company along with the phone (under a week ago.)

I went out of messages & back in & there was another user's eBay account, complete with their email address & other info.

thecatspjs · ‎23-12-2014

Wonder if you have actually been redirected to a scam page ?

Users email addresses are partially hidden on eBay accounts as a security measure, so if you saw a full email address on a page you were taken to, then that should ring an alarm bell.

bakeandfry · ‎23-12-2014

Could be catspjs, but normaly on phone a pop up will come up telling you that the security certificate is wrong and you have option to continue at own risk or go back, same with pdf files that can be harmfull to mobile device.

*we may be human, but we are still animals*

bextaqua · ‎23-12-2014

I hope that's what it was. The email address only appeared in the log-in field after I'd signed out. The account had regular buying/selling exchanges & messages, including a message in which the eBayer was querying an item they hadn't purchased. But I must admit that I logged out pretty fast when I realised it wasn't my a/c.

eBay

Account security breach

Account security breach

Account security breach

Account security breach

Account security breach

Account security breach

Account security breach

Account security breach