In what is being called the world’s biggest online security breach, it has been revealed that 233 million eBay users are at risk of identity theft after hackers successfully accessed a serious amount of sensitive information.

Yesterday morning, the online auction and sales site, eBay, released a statement announcing that a database containing passwords had been hacked and as a result all eBay users must change their passwords immediately. They insisted that changing your password is the ‘best practise’ that would help ‘enhance security for eBay users’ and that if you use the same password for other sites, they should also be changed.

According to the statement, the breach happened in late February/early March and that, despite the passwords being encrypted, hackers were able to acquire customers’ names, email addresses, home addresses, phone numbers and dates of birth, all the information you would need to commit fraud and identity theft.

Apparently, the hackers were able to gain access to the site’s employees’ log-in information which in turn allowed them to access the encrypted passwords. However, they did insist that all financial data and credit card information was stored separately and was still secure. They also claimed no unauthorised transactions had yet been made with the information the hackers accessed.

There has been some controversy surrounding the company’s decision to delay this announcement for such a long period as, according to security experts, this increases users’ risk of identity theft enormously. Given that some telephone banking services accept date of birth and home address as proof of identity over the phone, the potential for serious criminal activity is certainly a real threat. In the time it has taken for eBay to disclose this security breach, it’s possible the damage could already have been done.

So if you’re an eBay user, go change your password immediately. If you use the same password for other sites, change them too to ensure your accounts are safe should the hackers successfully decrypt the passwords. Be vigilant and look out for any suspicious activity in all your accounts!

What are your thoughts on this surprising breach of the internet giant? Are you concerned about other sites’ security? Are eBay justified in leaving it three months before informing users their information is in the hands of criminals? Let us know in the comments section below!