(WAFF) - eBay users are being asked to change their passwords because of a cyber attack that compromised a database containing encrypted passwords and other non-financial data.
The company said they conducted extensive tests on its network and said there is no evidence of the compromise resulting in unauthorized activity for eBay users. They also said there's no evidence of any unauthorized access to financial or credit card information that is stored separately in encrypted formats.
eBay recommends changing passwords as a best practice that will enhance security for users.
Cyber attackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay's corporate network, the company said. Working with law enforcement and leading security experts, the company said it is aggressively investigating the matter and applying forensics tools and practices to protect customers.
In a news release, eBay said the database was compromised between late February and early March. That database included customers' name, encrypted password, email address, physical address, phone number and date of birth. The company said the compromised employee log-in credentials were first detected about two weeks ago.
Since PayPal data is stored separately on a secured network and is encrypted, the company said it has no evidence of unauthorized access to information for users of the payment service.
Beginning Tuesday, eBay users will be contacted by email to change their password. In addition to asking users to change their eBay passwords, the company is encouraging any eBay user who uses the same password on other site to change those passwords, too.
eBay suggests never using the same password across multiple sites or accounts.