Comprehensive Analysis: eBay Cyber Attack and Security Threat Report

Verified

Added on 2021/04/24

AI Summary

This report analyzes a significant cyber attack on eBay, detailing the exploitation of employee credentials leading to a massive data breach. The attack, a form of cybercrime, resulted in the theft of user information, including email addresses and encrypted passwords. The report contextualizes eBay as a multinational e-commerce corporation and examines the security lifecycle model's importance in preventing such threats. It highlights the company's response, including the mandatory password reset for affected users. The report also offers a user's perspective on eBay's security measures, focusing on account registration and payment security, while also pointing out potential vulnerabilities like the optional feature to save card details for future purchases. References to relevant academic sources further support the analysis.

Running head: SECURITY THREAT
Security Threat
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1SECURITY THREAT
1.
The attack on eBay was a result of Cyber attack. Cyber attack is an intended exploitation
of systems, networks and technology dependant enterprises (Turban et al., 2015). It uses
malicious codes to change the logic, data or the computer codes that lead to disruptive
consequences. It results into cybercrimes which poses compromising of data such as information
theft or identity theft. The attackers had stolen the information such as email addresses,
encrypted passwords, birth dates and other related information of the company’s users. It was
later found that the hackers used employee credentials which were an easy method to hack the
system (Finkle, 2014).
2.
eBay is a multinational e-commerce operating corporation. It was established in 1995 by
Pierre Omidyar. It is headquartered at San Jose, California, U.S. It provides consumer to
consumer and business to consumer sales service through website (Schultz & Block, 2015). The
company operates eBay.com, online auction and a shopping website where people and business
can buy and sell varieties of products and services. Other than this, it includes services like
online ticket trading of events and money transfer services.
3.
Security life cycle model follows the process of identifying, assessing, protecting and
monitoring the system. This helps the organization keep its system improving and changing with
time towards more secured networks. However, this model can be useful to avoid cyber threats
by continual monitoring and implementing strategies to overcome with the help of implemented

2SECURITY THREAT
policy and standards. These policy and standards are needed to evaluate and configure the
resources. In the above case, the company’s security was attacked using employee credentials.
4.
The company’s user information was hacked by unknown hackers using the employee
information. This had lead to the users of eBay to a threat of getting their personal information
stolen. The company had to compromise over a huge number of information. In addition, they
asked their users to change their passwords for eBay as well for other sites in order to be in the
safer side (Hackers steal up to 145 million user records in massive eBay breach, 2014).
Therefore, the customer had to only change their password and secure their account and be aware
of the emails that can be fraud to ask for personal details which is not to be forwarded.
5.
After visiting the e-commerce site of eBay I found that the site asked for name, shipping
address, email address, contact number and birth date to register and make an account by
securing it with a strong password of least 8 characters. Then further while proceeding towards
purchasing the products or simply exchanging funds with the company it asked for account
details to make the payment, according to me it looked secured at first impression as it allows
only PayPal and debit/credit cards to exchange funds (Ksiezopolski, Wierzbicki & Rusinek,
2014). But I found one thing insecure that was to save the cards in the account for future
purchase. However, this was optional.

3SECURITY THREAT
Reference
Finkle, J. (2014). Hackers raid eBay in historic breach, access 145 million records.
uk.reuters.com. Retrieved 24 February 2018, from https://uk.reuters.com/article/uk-ebay-
password/hackers-raid-ebay-in-historic-breach-access-145-million-records-
idUKKBN0E10ZL20140522
Ksiezopolski, B., Wierzbicki, A., & Rusinek, D. (2014). On the Modelling of the Computer
Security Impact on the Reputation Systems. In Information and Communication
Technology-EurAsia Conference (pp. 526-531). Springer, Berlin, Heidelberg.
Schultz, D. E., & Block, M. P. (2015). US online shopping: Facts, fiction, hopes and
dreams. Journal of Retailing and Consumer Services, 23, 99-106.
Turban, E., King, D., Lee, J. K., Liang, T. P., & Turban, D. C. (2015). E-Commerce Security and
Fraud Issues and Protections. In Electronic Commerce (pp. 457-518). Springer, Cham.