Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"EBay spokeswoman Amanda Miller told Reuters late on Wednesday that those passwords were encrypted and that the company had no reason to believe the hackers had broken the code that scrambled them."

That seems to imply that eBay used a singular encryption key across its accounts. Surely not?



Journalists and PR people don't know the difference between encryption and hashing.

eBay is steering media reports toward the password story.

Much more important and potentially damaging to eBay's reputation and revenue is that 145 million user records were stolen.

This could be much more damaging than the Target or Adobe breaches.


Target had payment info. That trumps this easily.


Like panarky, I wouldn't take that on face value. I'm going to guess that a significant number of people use the same password for Ebay as for Paypal. Someone's got a lot of incentive to generate some hashes tonight..




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: