Reps Seek Breach Info from eBay

Also suggest a review of security protocols is called for
Author:
Publish date:

Reps. Joe Barton (R-Tex.) and Bobby Rush (D-Ill.), members of the Congressional Bi-Partisan Privacy Caucus, have some questions they want eBay to answer about its recent security breach.

Ebay informed Web surfers about the breach May 21 and advised them to change their passwords, saying that a database with encrypted passwords and other "non-financial data" had been breached--eBay told the legislators that the additional data compromised included e-mail address, physical address, phone number and birth date.

The legislators applauded the company for alerting its users in an e-mail, but were worried about data security at the online auction site. They have co-sponsored the Data Accountability and Trust Act, an effort to better protect online privacy and security.

Among the answers they want are how other, personally identifiable, information was not breached, how eBay can be so sure it wasn't, and whether eBay noticed any breach of location information related to accessing the site on mobile devices.

They also not-so-subtly suggest eBay should assess its current data security protocols if it hasn't already, and ask for info on how many breaches the company has had since it was founded in 1995 and if the number of "major" breaches has increased in recent years.

They gave the company until June 25 to respond.

Related