Update 12:34PM ET: A quote provided by Jumio inaccurately stated that eBay used KBA and has been removed.
eBay is facing an investigation in the U.K. and three U.S. states after sustaining a massive cyberattack.
[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":1479857,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,security,","session":"D"}']Yesterday, eBay revealed that a database containing the sensitive, personal details of its 145 million active users was compromised two months ago. The breach, possibly the second largest in U.S. history, is now under scrutiny in Connecticut, Florida, and Illinois, BBC News reports.
A joint investigation between the three states is already underway. Meanwhile, a pending investigation led by the U.K.’s information commissioner is reportedly hitting roadblocks due to “outdated and complex data protection laws.”
AI Weekly
The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.
Included with VentureBeat Insider and VentureBeat VIP memberships.
Immediately following the breach, security firms jumped at the opportunity to call eBay’s security practices into question. In an email to VentureBeat, a strategist at security and threat analysis firm Rapid7 highlighted that eBay “still has the ability to invalidate compromised passwords,” despite the friction it may cause users.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More