eBay data breach set to be investigated by the ICO

Auction site finds itself at centre of several security investigations in wake of data breach

eBay sign

Internet auction site eBay looks set to have its operations probed in the wake of this week's data breach by a slew of data protection experts and regulators.

The website confirmed earlier this week that it had suffered a massive data breach, resulting in the disclosure of the passwords belonging to hundreds of millions of its users.

Details have since emerged that eBay is facing investigations on several fronts about the events that led to the breach taking place.

The US states of Connecticut, Florida and Illinois have already announced plans to join forces to investigate the company's security policies, along with the country's Federal Trade Commission.

An eBay spokesperson said the site is ready and willing to co-operate with any investigations that are carried out into its security strategy.

"We have relationships with and proactively contacted a number of state, federal and international regulators and law enforcement agencies," the spokesperson said.

Meanwhile, UK data protection watchdog, the Information Commissioner's Office (ICO) has confirmed that it's looking into launching its own probe into the breach.

Speaking to Radio 5 Live earlier today, The Information Commissioner Christopher Graham said a full investigation into the breach is justified given that millions of the site's users live in the UK.

However, because eBay's European headquarters are in Luxembourg, the ICO will first need to liaise with that country's data protection officers before it can act.

"When you're taking on a big global player like eBay, you've got to make sure do not get foot faulted and do something that would get you into troubles with the lawyers," Graham explained.

Meanwhile, eBay has denied that data stolen during the breach has been posted on anonymous text-sharing website Pastebin, which is regularly used by hackers to showcase stolen data.

Reports that a data dump from the eBay breach was up for sale for 1.45 bitcoins (447) on Pastebin began circulating yesterday night, but an eBay representative has since confirmed the details are not from "authentic" user accounts.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020