IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

eBay data breach set to be investigated by the ICO

Auction site finds itself at centre of several security investigations in wake of data breach

eBay sign

Internet auction site eBay looks set to have its operations probed in the wake of this week's data breach by a slew of data protection experts and regulators.

The website confirmed earlier this week that it had suffered a massive data breach, resulting in the disclosure of the passwords belonging to hundreds of millions of its users.

Details have since emerged that eBay is facing investigations on several fronts about the events that led to the breach taking place.

The US states of Connecticut, Florida and Illinois have already announced plans to join forces to investigate the company's security policies, along with the country's Federal Trade Commission.

An eBay spokesperson said the site is ready and willing to co-operate with any investigations that are carried out into its security strategy.

"We have relationships with and proactively contacted a number of state, federal and international regulators and law enforcement agencies," the spokesperson said.

Meanwhile, UK data protection watchdog, the Information Commissioner's Office (ICO) has confirmed that it's looking into launching its own probe into the breach.

Speaking to Radio 5 Live earlier today, The Information Commissioner Christopher Graham said a full investigation into the breach is justified given that millions of the site's users live in the UK.

However, because eBay's European headquarters are in Luxembourg, the ICO will first need to liaise with that country's data protection officers before it can act.

"When you're taking on a big global player like eBay, you've got to make sure do not get foot faulted and do something that would get you into troubles with the lawyers," Graham explained.

Meanwhile, eBay has denied that data stolen during the breach has been posted on anonymous text-sharing website Pastebin, which is regularly used by hackers to showcase stolen data.

Reports that a data dump from the eBay breach was up for sale for 1.45 bitcoins (447) on Pastebin began circulating yesterday night, but an eBay representative has since confirmed the details are not from "authentic" user accounts.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Modernise your legacy databases in the cloud
Whitepaper

Modernise your legacy databases in the cloud

10 Jun 2022
Deploying flexible data protection to support cloud workload placement
Whitepaper

Deploying flexible data protection to support cloud workload placement

10 Mar 2022
Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
MoJ faces £17.5m GDPR fine over subject access request backlog
data protection

MoJ faces £17.5m GDPR fine over subject access request backlog

20 Jan 2022

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022