Additional Information


Content

EBay breach down to 'marketing outstripping security and laziness', says hacker

EBay's data breach that exposed the data of 122 million of its users is a sign that companies' marketing "has advanced far faster than the security", according to former hacker Jake Davis.

eBay: suffers data breach

eBay: suffers data breach

Share this article

Dr Ian Brown, associate director of Oxford University's cyber security centre, believes the breach that exposed eBay users’ passwords once again raises the issue of what "kind of penalty would actually be meaningful to companies like Sony and eBay". 

Brown was referencing the £250,000 fine imposed by the Information Commissioner’s Office on Sony after its PlayStation network was breached.

Speaking on BBC Radio 4’s Today programme, former hacker Davis said he believes companies are currently not doing enough to prevent hacks out of "laziness" rather than monetary constraints.

He said: "I think it is more of an attention issue than a money one. A lot of these companies are hacked via means that hackers have been using since the 90s.

"The marketing of these companies has advanced far faster than the security just due to laziness."

Davis argues the issue could be sorted with a "simple meeting" where executives "sit down and map out their entire network: who has access to what and what parts of the website are important and secure them".

EBay is now asking users to change their passwords because of the cyber attack, which it insists has not compromised any financial data.

The company said that after conducting tests it has found "no evidence of any unauthorised access to financial or credit card information".

It appears the hackers tricked a small number of employees to give up their log-in credentials in a breach that happened in late February and early March.

The hackers gained access to eBay customers’ names, encrypted passwords, email addresses, physical addresses, phone numbers and date of birth. 

Raj Samani, chief technology officer of EMEA at McAfee, said: "The breach could have inadvertently compromised additional data, and there is no way of knowing who has this data, and what other scams it may be used for. 

"Therefore, it is imperative for consumers to be alert for emails asking for information, even if they already seem to know some personal details about them. In addition, it is important to track credit transactions for new accounts that they did not open."

This article was first published on marketingmagazine.co.uk

Before commenting please read our rules for commenting on articles.

If you see a comment you find offensive, you can flag it as inappropriate. In the top right-hand corner of an individual comment, you will see 'flag as inappropriate'. Clicking this prompts us to review the comment. For further information see our rules for commenting on articles.

comments powered by Disqus

Additional Information

Latest jobs Jobs web feed

FROM THE BLOGS

The Wall blogs

Let’s taste the music External website

by Greg Taylor, 24/10/2014

 

Six vital ad:tech themes for 2015 External website

by Neil Higgins, 24/10/2014

 

Are you singular or plural? External website

by Rachel Brushfield, 24/10/2014

 

Back to top ^