Auctionbytes-NewsFlash, Number 1628 - September 25, 2007 - ISSN 1539-5065

eBay Shuts Trust & Safety Board after Credit Card Numbers Exposed
By Ina Steiner
AuctionBytes.com
September 25, 2007

eBay shut down an entire discussion board devoted to Trust & Safety issues after someone began posting confidential user information. Someone using multiple User IDs began listing information purported to be eBay users' private and financial data on the Trust & Safety discussion board. Mark, a user who says he posts regularly on the board, said he noticed the problem at 8:50 am Eastern on Tuesday and called his eBay representative about 20 minutes later after he saw the posts remained. He said it took about an hour for the posts to be removed, and minutes later, the entire board was taken down.

The person posted using several IDs that look like they had been hijacked from legitimate users. The subject line of each thread began with the letters "Wheeeeeeeeeeeeeeeeeeeee" followed by six numbers.

Mark said regular users who were posting on the board while the incident was taking place suspected that eBay may have been hacked, and he said some believed it was a scammer named Vladuz who has tormented eBay in the past. eBay has denied that Vladuz has ever hacked into its system (http://www.auctionbytes.com/cab/abn/y07/m02/i22/s03).

AuctionBytes was able to view the forum and several posts before they were removed. While most data looked like it could have been obtained through phishing campaigns, the posts also included fields labeled "Id verified" and "Store" along with a time-date stamp of the user registration. The accuracy of the information has not been verified by AuctionBytes.

Update 9/25/07 3:20 pm Eastern:
eBay spokesperson Nichola Sharpe said Tuesday afternoon that posts made on the Trust & Safety board early this morning contained name and contact information for 1,200 eBay members and called the person posting the information a "malicious fraudster." She said the incident was not the result of a security breach at eBay and that the information could have been obtained as part of an account takeover.

Sharpe said the credit card information contained in the posts was not associated with financial information on file for those users at eBay or PayPal. The company is in the process of proactively contacting members by phone, "so that if the information is valid somehow - regardless how this fraudster acquired the information - these members can take the steps they need to take to protect themselves."

eBay has temporarily blocked community access to the Trust and Safety discussion forum, Sharpe said, and informed the community of the incident via the eBay Chatter blog (http://www.ebaychatter.com/the_chatter/2007/09/trust-safety-fo.html).

"Our Trust and Safety team is continuing to closely monitor this situation," Sharpe said.

Meanwhile, users are spooked by the posts and some are critical of eBay's response. A YouTube member going by the name of "cappnonymous" posted a video showing the eBay Trust & Safety board posts, titling the submission, "ebaY Major Hack AttacK! User's Data Posted On Ebay T&S Bd" (http://www.youtube.com/watch?v=_q9m2iFsz9M).

NOTE: Please check back during the day as we will update this story as it develops.

Also see the AuctionBytes blog:
http://tinyurl.com/24xssx


Related Stories
  • eBay Addresses Vladuz Hacking Incident - February 22, 2007, Issue #1480
  • He's Baaack - Vladuz 'Hacker' Taunts eBay - February 23, 2007, Issue #1481
  • Vladuz 'Captcha Populator' Tool Doesn't Worry eBay, Mozilla - March 06, 2007, Issue #1488
  • eBay Auction Listing Swings Remain a Mystery - March 12, 2007, Issue #1492
  • Romanian Hacker Vladuz Makes Another eBay Housecall - March 14, 2007, Issue #1494
  • Scammers Use eBay's Message System to Troll for Victims - March 16, 2007, Issue #1496
  • FBI Cites Role in Arrest Related to Off-eBay Fraud - March 27, 2007, Issue #1503
  • Consumer Reports Releases Results of eBay Survey - July 03, 2007, Issue #1574
  • Spammers Harvest eBay Sellers' Email Addresses - August 21, 2007, Issue #1604
  • eBay Denies Security Breach after User Information Exposed - September 26, 2007, Issue #1630
  • eBay, PayPal and Yahoo Collaborate to Fight Phishing - October 04, 2007, Issue #1635
  • eBay Explains Security Hole Used by Hacker - October 09, 2007, Issue #1638
  • Hacker Email Address Used in Previous eBay Scams? - October 09, 2007, Issue #1638
  • eBay Hacker 'Vladuz' Arrested in Romania - April 18, 2008, Issue #1772



    Copyright 1999-2009. Steiner Associates LLC. All rights reserved. Privacy Policy.