alfreda89: 3 foot concrete Medieval style gargoyle with author's hand resting on its head. (Warning Sign on a CA entrance to a parki)
alfreda89 ([personal profile] alfreda89) wrote2014-05-21 11:53 am
  • Add Memory
  • Share This Entry
  • Current Mood: annoyed
  • Current Location: House of the Quiet Cat
  • Current Music: birds
Entry tags:

eBay Users, Time to Change Your Password

Here's the CNET article.

It happened late February/early March, and was detected two weeks ago.  They do not believe that financial info was compromised.

I am starting to think that I will either close down 90% of online accounts, or finally join LastPASS.
Flat | Top-Level Comments Only

[identity profile] dancinghorse.livejournal.com 2014-05-21 05:08 pm (UTC)(link)
Correlation is not Causation(TM), but the day I used ebay for the first time since February, paying through Paypal, I received a notice that evening that I had "authorized" a large transfer of funds through Paypal. I was able to call and get it fixed immediately, but the timing raised my eyebrows.

I have since discovered that the account that hacked my Paypal managed to get into Firefox on my computer and authorize itself to "work offline," to the tune of 291MB of I don't know what.

There's no way to prove a connection, and if the hack happened months before, it seems odd it would have suddenly affected me in May. It's probably something else--but be wary! Make sure to check for "authorizations" you didn't authorize.

I've changed a bunch of passwords, including my ebay password (thank you for that reminder, Kathi!), and will be monitoring my browser settings to make sure nothing else gets in. It's quite possible Paypal itself had a leak, or someone got past my firewalls somehow via a website.

I had my bank account cleaned out last year by a Chinese hacker who had got hold of the database at the issuing company for my check card. There was no way to protect that with password changes. The company itself was compromised. Now the bank recommends not using the card as a debit card, so the PIN can't get skimmed.

It's a jungle out there.

[identity profile] alfreda89.livejournal.com 2014-05-21 05:35 pm (UTC)(link)
It's a very nervy world, Judy. Sympathies over your extreme hassles. I don't have an eBay account, but I have friends who do, so wanted to post this. I was thinking about selling some things on eBay, but this has me thinking twice.

I never use my debit card as a credit card, and in fact do not use it as a debit card. I have to use it at a new branch where everything is done in boxes. I hate the branch (which unfortunately is two blocks from my home) and drive to one with actual tellers.

Occasionally I think we may end up going to Kristine Smith's paper verification system of her future world. Not a pretty image.

Thank you for the password reminder. Time to investigate LastPass.

[identity profile] ladypoetess.livejournal.com 2014-05-21 07:40 pm (UTC)(link)
LastPass is good and easy. Definitely recommend it.

By all means, shut down accounts you don't need or don't use, but don't fall into the paranoid head-in-the-sand trap that going offline makes you safer. It might, if you could take yourself entirely off the grid, but that would mean removing yourself from society as a whole, at this point. So much of the world has or is going digital, and that brings threats with it, just like any shift in technology does. We're learning, we're adapting, and we're finding ways to make it safer all the time. Promise. :)
Flat | Top-Level Comments Only