eBay data breach set to be investigated by the ICO
Auction site finds itself at centre of several security investigations in wake of data breach
Internet auction site eBay looks set to have its operations probed in the wake of this week's data breach by a slew of data protection experts and regulators.
The website confirmed earlier this week that it had suffered a massive data breach, resulting in the disclosure of the passwords belonging to hundreds of millions of its users.
Details have since emerged that eBay is facing investigations on several fronts about the events that led to the breach taking place.
The US states of Connecticut, Florida and Illinois have already announced plans to join forces to investigate the company's security policies, along with the country's Federal Trade Commission.
An eBay spokesperson said the site is ready and willing to co-operate with any investigations that are carried out into its security strategy.
"We have relationships with and proactively contacted a number of state, federal and international regulators and law enforcement agencies," the spokesperson said.
Meanwhile, UK data protection watchdog, the Information Commissioner's Office (ICO) has confirmed that it's looking into launching its own probe into the breach.
Speaking to Radio 5 Live earlier today, The Information Commissioner Christopher Graham said a full investigation into the breach is justified given that millions of the site's users live in the UK.
However, because eBay's European headquarters are in Luxembourg, the ICO will first need to liaise with that country's data protection officers before it can act.
"When you're taking on a big global player like eBay, you've got to make sure do not get foot faulted and do something that would get you into troubles with the lawyers," Graham explained.
Meanwhile, eBay has denied that data stolen during the breach has been posted on anonymous text-sharing website Pastebin, which is regularly used by hackers to showcase stolen data.
Reports that a data dump from the eBay breach was up for sale for 1.45 bitcoins (447) on Pastebin began circulating yesterday night, but an eBay representative has since confirmed the details are not from "authentic" user accounts.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now