Encrypted passwords are not 100% secure says McAfee

Very recently it was discovered that eBay suffered a massive security breach, compromising about 150 million users’ data, including passwords, email addresses, physical addresses and phone numbers – and since then some of this information has apparently already surfaced for sale.

Although eBay has said that no financial data has been compromised on their main website or subsidiary Paypal’s, vigilance is still important.

If you’re an eBay user (or if you’ve ever registered for the service), there are a few things McAfee has suggested you should do to protect yourself:

  • Change your password immediately — While the stolen passwords were encrypted, they can still be exposed through decryption programs.
  • Keep an eye out for phishing scams — eBay users should be extra suspicious of any email purporting to be from, or representing,eBay aside from the one email the company will be sending on Wednesday, May 21.
  • Track your credit — Keep a close eye on your credit and bank statements and contest any charges you didn’t make. It’s also a good idea to watch your credit report.
  • Keep an eye out for snail mail and phone fraud — Be extra careful when someone claiming to represent a company calls you. If you can, take down their phone number and tell them you’ll call them back after you’ve directly called a company’s customer service line.
  • Download comprehensive security software — Make sure you have McAfee SiteAdvisor, which comes with McAfee LiveSafe service for your PC, Mac and Android devices, or you can download it for free. McAfee SiteAdvisor will not only provide a warning message if you navigate to a risky site, but will also provide site rating icons in your browser search results on your computer, to indicate if a link is safe to click or not

eBay Inc. announced on Wednesday that the company suffered a cyberattack. The attack that occurred in late February and early March (but was first discovered 2 weeks ago), compromised a database containing encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth, according to the company’s official public statement.

Leave a Reply