322 Million Alleged eBay Account Details Offered for Free on Hacker Forum

Miklos Zoltan

By Miklos Zoltan . 25 November 2022

Founder - Privacy Affairs

On a popular hacker forum, cybercriminals are claiming to possess the personal information of over 322 million eBay users.

The information and databases are distributed free of charge.

Highlights:

  • Cybercriminals claim to possess personal information of over 322 million eBay users
  • The alleged data is claimed to be from 2015
  • Data includes email addresses, names, physical addresses, and dates of birth of alleged eBay users
  • The data is distributed for free on a hacker forum
  • The authenticity of the leak is uncertain
  • eBay experienced no known major data breaches in 2015

Cybercriminals on a popular hacker forum claim to possess stolen databases belonging to eBay. Allegedly the databases contain the personal information of over 322 million eBay users.

eBay Data Breach

The person posting the announcement claims that the data is from 2015 and contains information on 322,065,923 eBay users. The source of the data was, however, not revealed.

The forum poster claims that they offer this information for free because, allegedly earlier, another cybercriminal pretended that the databases were new and asked for a sum of 799 BTC in exchange.

The poster alleges that this information was already public, and the person asking 799 BTC was attempting to scam potential buyers.

The sample information uploaded by the forum poster included personal information allegedly belonging to eBay users, such as:

  • Email addresses
  • Full names
  • Physical address
  • Date of birth

It is unclear whether the information from the databases indeed belongs to real eBay users. The origin of the files is also uncertain at this moment. No 2015 data breach affecting eBay is currently known.

The last major data breach eBay experienced was in 2014 when the personal data of 145 million users was leaked after hackers compromised a small number of employee log-in credentials, allowing them to access internal eBay systems.

Should you be concerned?

Every major data breach claim is serious and should not be ignored. That being said, in this specific case, the users’ personal information wasn’t severely affected.

First of all, it is uncertain if the data shared by the hackers is even legitimate. Currently, no major eBay data breach from 2015 is publicly known. Also, no previously known data breach affected over 322 million users.

Also, the data revealed in the files does not necessarily include sensitive data, such as payment details or government IDs.

The data shared is potentially sensitive, but not necessarily to the extent that it could compromise eBay accounts.

One of the worst outcomes of this could be scammers using shared email addresses to create spam lists. The shared data can also be used for business intelligence purposes.

We have contacted eBay for comments on this story.

Privacy Affairs

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment