It seems that the great E-Bay hack has topped them all – with some 233 million people affected worldwide, more than 15 million of whom are British. More detail at:-
More than 15 million Britons at risk of identity theft after eBay hacked
In itself a big problem for a very large number of people, it has been made even worse by the failure to inform customers in a timely manner. What are we to believe?
“After the announcement, MPs accused the US-based firm of an “inexcusable” delay in admitting that its servers had been accessed by hackers up to three months ago”
“The company refused to say why it had waited two weeks to tell customers about the security breach.”
Either way, the delay is far too long. Identities could have been compromised already, and money lifted out of accounts, before the unfortunate target has had a chance to take whatever evasive action was possible.
What can you do to protect yourself?
As I stated in my post “Identity Theft – Does that Bother you?”, you can go to the Yahoo article “How to Prevent Identity Theft“, but that is only the starting point.
“It admitted that the name, address, date of birth, telephone number, email address and password of every eBay account holder – 233 million people worldwide – was in the hands of the hackers.”
But lets think about this for a minute. E-Bay is one of the biggest on-line sales companies in the world. How do they do business? Via PayPal of course, which they also own. This means that bank account numbers and credit card numbers must also be in their system somewhere. If these have also been stolen, the situation is much more serious.
In such a case I strongly recommend going to the bank, and getting a second credit card for your personal use. The first card – the one which you use for PayPal – should immediately have a monthly limit slapped on it to minimise losses if it is accessed illegally. If you want to go a stage further, get a new card for your PayPal account too, but make sure that it is limited.
If you know that you will need more in that account to make a purchase via E-Bay, you can easily instruct your bank to transfer funds from one account to the other.
In fact, I suggest that a separate credit card with a monthly limit for on-line transactions be made a standard part of everyone’s financial dealings.
As a general rule, take more care about how much data you are giving away. If both an email address and a postal address are required, for example, query that. Make a written objection! They only need one way to reach you that actually works.
A telephone number? Why? I see no reasonable justification for asking for one. If they cannot provide a good reason, then refuse to give it up!
Recently WordPress wanted to introduce a 2-step verification system for added security, which would have involved using a telephone number. See my post “WordPress Privacy Invasion”. I queried the reason behind this, as I saw no advantage in it for me whatsoever, only possible problems. Shortly after that there was a flurry of posts asking how turn the 2-step authentication OFF, as it was causing other people problems too.