This follows a bizarre sequence of events when the company posted a request entitled "eBay, Inc. to Ask All eBay users to Change Passwords" on its PayPal blog with no text around 5 a.m. Wednesday. After news spread through the Internet and the mysterious title was shared multiple times, the post was taken down. The company then confirmed Wednesday morning that the request was indeed real and that users would be alerted soon.
A company representative did confirm that there was "no evidence that any financial information was accessed or compromised." The representative did not confirm how many accounts were accessed but did say that the company believes a large number of accounts were involved.
"After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats," eBay wrote in the post. "However, changing passwords is a best practice and will help enhance security for eBay users.
The cyber attack also compromised a small number of employee's log-in information as well as giving the hackers unauthorized access to Ebay's corporate network. The company said it was working with law enforcement officials and security experts to investigate the breach.
The company will send email alerts to its customers asking them to change their Ebay password. The initial post was explained as someone at Ebay publishing the post ahead of schedule.