SlideShare a Scribd company logo

ebay_data_breach

D
DamaineFranklinMScBE

In 2014, eBay experienced one of the most significant data breaches of the 21st century that affected 145 million of its customers. The data breach exposed customer details such as; names, dates of birth, address, encrypted passwords and phone numbers. The data breach was a result of attackers using employee information to gain access to eBay’s corporate network. The breach was discovered in May 2014 and was later discovered that it had gone on for at least one month. The company later stated that it had no reason to believe that the customer passwords were compromised since the hackers would not have managed to break the encryption that protected them (Finkle, Catterjee & Maan, 2014). However, it was highly advisable that all customers change their passwords to remain on the safe side.

Education
1 of 4
Download to read offline
Running Head: EBAY 1 EBay Data Breach Name Institutional Affiliation Date
EBAY 2 1. The Event In 2014, eBay experienced one of the most significant data breaches of the 21st century that affected 145 million of its customers. The data breach exposed customer details such as; names, dates of birth, address, encrypted passwords and phone numbers. The data breach was a result of attackers using employee information to gain access to eBay’s corporate network. The breach was discovered in May 2014 and was later discovered that it had gone on for at least one month. The company later stated that it had no reason to believe that the customer passwords were compromised since the hackers would not have managed to break the encryption that protected them (Finkle, Catterjee & Maan, 2014). However, it was highly advisable that all customers change their passwords to remain on the safe side. 2. Threat Source The threat source in the case of eBay was a structural threat. Structured threats are organized actions to breach a specific network or organization. In the case of eBay, the attackers organized the attack by first phishing log-in credentials from a group of employees. The attackers then targeted the company's corporate network where they were able to access details of over 145 million customers. Type of Threat Source Although not many details were provided about the attack, external individuals and organizations are believed to have been the threat source. Their aim is always to access important customer details through which they can send phishing e-mails to gain access to other important accounts, such as bank accounts, which they may steal information and money. Their information can also
EBAY 3 be sold to other parties where the groups make monetary gains. It is one of the reasons why it was recommended that customers change their passwords on eBay and any other linked accounts to ensure that the attackers would not be able to access their information. 3. Exploited Vulnerability The vulnerability exploited in this scenario was eBay’s weak security system. The system was accessed by people outside the corporation and managed to stay hidden for a month without detection. There were no changes for a significant period of time which allowed the attackers to take their time in siphoning as much information as possible. Many organization always fall victim to such attacks due to their weak and vulnerable systems. 4. Absent Controls and How they Contributed to the Breach The absent controls in this case were a strong system security that could detect intrusions and any suspicious activities. It can easily be pointed out that the employee details were able to access the entirety of the system and siphon as much information as possible (McAfee, 2014). However, such a problem can easily be solved by hiring a team of professionals that can create a better system security that has capabilities to detect such activities and report them. The team will monitor the system throughout and identify any red flags that could cause threats to the company. The team can also come up with additional measures based on vulnerabilities they identify over time. As such, the system will always be secure and its security assured through the highly qualified security team.
EBAY 4 References Finkle J, Catterjee S & Maan L (2014). EBay asks 145 million users to change passwords after cyber attack. Retrieved from https://www.reuters.com/article/us-ebay-password/ebay- asks-145-million-users-to-change-passwords-after-cyber-attack- idUSBREA4K0B420140521 McAfee(2014). How Bad is the eBay Breach? Here Are the Stats. Retrieved from https://www.mcafee.com/blogs/enterprise/cloud-security/how-bad-is-the-ebay-breach- here-are-the-stats/

Recommended

Ebay
EbayEbay
Ebaytigepe2058
 
Ebay cyber attack
Ebay cyber attackEbay cyber attack
Ebay cyber attackDamaineFranklinMScBE
 
June NOW 2014
June NOW 2014June NOW 2014
June NOW 2014Louis Smith
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityJamshidRaqi
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial PlannersMichael O'Phelan
 
Case 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxCase 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxtidwellveronique
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextBrian Pichman
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenCMR WORLD TECH
 

Recommended

Ebay
EbayEbay
Ebaytigepe2058
 
Ebay cyber attack
Ebay cyber attackEbay cyber attack
Ebay cyber attackDamaineFranklinMScBE
 
June NOW 2014
June NOW 2014June NOW 2014
June NOW 2014Louis Smith
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityJamshidRaqi
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial PlannersMichael O'Phelan
 
Case 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxCase 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxtidwellveronique
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextBrian Pichman
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenCMR WORLD TECH
 
Dealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyDealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyCSCJournals
 
Document-3.docx
Document-3.docxDocument-3.docx
Document-3.docxSonalVanjari
 
Security issue in e commerce
Security issue in e commerceSecurity issue in e commerce
Security issue in e commerceBosco Technical Training Society, Don Bosco Technical School (Aff. GGSIP University, New Delhi)
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemAffine Analytics
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0Murray Security Services
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"abercius24
 
Sholove cyber security 101 28 june 2015
Sholove cyber security 101 28 june 2015Sholove cyber security 101 28 june 2015
Sholove cyber security 101 28 june 2015SHOLOVE INTERNATIONAL LLC
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDFBan Selvakumar
 
The Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftThe Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftCase IQ
 
Ce hv8 module 02 footprinting and reconnaissance
Ce hv8 module 02 footprinting and reconnaissanceCe hv8 module 02 footprinting and reconnaissance
Ce hv8 module 02 footprinting and reconnaissanceMehrdad Jingoism
 
Part 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxPart 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxdanhaley45372
 
Computer Security - Case Study
Computer Security - Case StudyComputer Security - Case Study
Computer Security - Case StudyDamaineFranklinMScBE
 
eBay's Big "Whoops": What Others Can Learn From It
eBay's Big "Whoops": What Others Can Learn From IteBay's Big "Whoops": What Others Can Learn From It
eBay's Big "Whoops": What Others Can Learn From ItPerfectCloud Corp.
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Aviva Spectrum™
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxPrinceKumar851167
 
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersWhat Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersJaime Manteiga
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docxsaivarun91
 
Digital Forensics Assignment One UEL and Unicaf
Digital Forensics Assignment One UEL and UnicafDigital Forensics Assignment One UEL and Unicaf
Digital Forensics Assignment One UEL and UnicafDamaineFranklinMScBE
 
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...DamaineFranklinMScBE
 

More Related Content

Similar to ebay_data_breach

Dealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyDealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyCSCJournals
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemAffine Analytics
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"abercius24
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
The Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftThe Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftCase IQ
 
Ce hv8 module 02 footprinting and reconnaissance
Ce hv8 module 02 footprinting and reconnaissanceCe hv8 module 02 footprinting and reconnaissance
Ce hv8 module 02 footprinting and reconnaissanceMehrdad Jingoism
 
Part 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxPart 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxdanhaley45372
 
eBay's Big "Whoops": What Others Can Learn From It
eBay's Big "Whoops": What Others Can Learn From IteBay's Big "Whoops": What Others Can Learn From It
eBay's Big "Whoops": What Others Can Learn From ItPerfectCloud Corp.
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Aviva Spectrum™
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxPrinceKumar851167
 
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersWhat Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersJaime Manteiga
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docxsaivarun91
 

Similar to ebay_data_breach (20)

Dealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In TechnologyDealing with Data Breaches Amidst Changes In Technology
Dealing with Data Breaches Amidst Changes In Technology
 
Document-3.docx
Document-3.docxDocument-3.docx
Document-3.docx
 
Security issue in e commerce
Security issue in e commerceSecurity issue in e commerce
Security issue in e commerce
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enough
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"
 
Sholove cyber security 101 28 june 2015
Sholove cyber security 101 28 june 2015Sholove cyber security 101 28 june 2015
Sholove cyber security 101 28 june 2015
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
The Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftThe Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data Theft
 
Ce hv8 module 02 footprinting and reconnaissance
Ce hv8 module 02 footprinting and reconnaissanceCe hv8 module 02 footprinting and reconnaissance
Ce hv8 module 02 footprinting and reconnaissance
 
Part 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxPart 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docx
 
Computer Security - Case Study
Computer Security - Case StudyComputer Security - Case Study
Computer Security - Case Study
 
eBay's Big "Whoops": What Others Can Learn From It
eBay's Big "Whoops": What Others Can Learn From IteBay's Big "Whoops": What Others Can Learn From It
eBay's Big "Whoops": What Others Can Learn From It
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptx
 
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersWhat Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For Hackers
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
 

More from DamaineFranklinMScBE

Digital Forensics Assignment One UEL and Unicaf
Digital Forensics Assignment One UEL and UnicafDigital Forensics Assignment One UEL and Unicaf
Digital Forensics Assignment One UEL and UnicafDamaineFranklinMScBE
 
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...DamaineFranklinMScBE
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksDamaineFranklinMScBE
 
Classical Cryptography and Digital Encryption
Classical Cryptography and Digital EncryptionClassical Cryptography and Digital Encryption
Classical Cryptography and Digital EncryptionDamaineFranklinMScBE
 
Identity, Authentication, and Access Control
Identity, Authentication, and Access ControlIdentity, Authentication, and Access Control
Identity, Authentication, and Access ControlDamaineFranklinMScBE
 
Is online education an effective replacement for traditional classroom teaching?
Is online education an effective replacement for traditional classroom teaching?Is online education an effective replacement for traditional classroom teaching?
Is online education an effective replacement for traditional classroom teaching?DamaineFranklinMScBE
 
What is The Role of Students in Online Courses?
What is The Role of Students in Online Courses?What is The Role of Students in Online Courses?
What is The Role of Students in Online Courses?DamaineFranklinMScBE
 

More from DamaineFranklinMScBE (12)

Digital Forensics Assignment One UEL and Unicaf
Digital Forensics Assignment One UEL and UnicafDigital Forensics Assignment One UEL and Unicaf
Digital Forensics Assignment One UEL and Unicaf
 
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
LEGAL AND REGULATORY STRUCTURE PREVAILING IN THE UK RELATED TO DATA PRIVACY A...
 
Security Management
Security ManagementSecurity Management
Security Management
 
Security Management
Security ManagementSecurity Management
Security Management
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering Attacks
 
Classical Cryptography and Digital Encryption
Classical Cryptography and Digital EncryptionClassical Cryptography and Digital Encryption
Classical Cryptography and Digital Encryption
 
Identity, Authentication, and Access Control
Identity, Authentication, and Access ControlIdentity, Authentication, and Access Control
Identity, Authentication, and Access Control
 
Is online education an effective replacement for traditional classroom teaching?
Is online education an effective replacement for traditional classroom teaching?Is online education an effective replacement for traditional classroom teaching?
Is online education an effective replacement for traditional classroom teaching?
 
What is The Role of Students in Online Courses?
What is The Role of Students in Online Courses?What is The Role of Students in Online Courses?
What is The Role of Students in Online Courses?
 
Case Study.pdf
Case Study.pdfCase Study.pdf
Case Study.pdf
 
IT & Internet Law
IT & Internet LawIT & Internet Law
IT & Internet Law
 
IT and Internet Law
IT and Internet LawIT and Internet Law
IT and Internet Law
 

Recently uploaded

Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxVishalSingh1417
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...KokoStevan
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 

Recently uploaded (20)

Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 

ebay_data_breach

  • 1. Running Head: EBAY 1 EBay Data Breach Name Institutional Affiliation Date
  • 2. EBAY 2 1. The Event In 2014, eBay experienced one of the most significant data breaches of the 21st century that affected 145 million of its customers. The data breach exposed customer details such as; names, dates of birth, address, encrypted passwords and phone numbers. The data breach was a result of attackers using employee information to gain access to eBay’s corporate network. The breach was discovered in May 2014 and was later discovered that it had gone on for at least one month. The company later stated that it had no reason to believe that the customer passwords were compromised since the hackers would not have managed to break the encryption that protected them (Finkle, Catterjee & Maan, 2014). However, it was highly advisable that all customers change their passwords to remain on the safe side. 2. Threat Source The threat source in the case of eBay was a structural threat. Structured threats are organized actions to breach a specific network or organization. In the case of eBay, the attackers organized the attack by first phishing log-in credentials from a group of employees. The attackers then targeted the company's corporate network where they were able to access details of over 145 million customers. Type of Threat Source Although not many details were provided about the attack, external individuals and organizations are believed to have been the threat source. Their aim is always to access important customer details through which they can send phishing e-mails to gain access to other important accounts, such as bank accounts, which they may steal information and money. Their information can also
  • 3. EBAY 3 be sold to other parties where the groups make monetary gains. It is one of the reasons why it was recommended that customers change their passwords on eBay and any other linked accounts to ensure that the attackers would not be able to access their information. 3. Exploited Vulnerability The vulnerability exploited in this scenario was eBay’s weak security system. The system was accessed by people outside the corporation and managed to stay hidden for a month without detection. There were no changes for a significant period of time which allowed the attackers to take their time in siphoning as much information as possible. Many organization always fall victim to such attacks due to their weak and vulnerable systems. 4. Absent Controls and How they Contributed to the Breach The absent controls in this case were a strong system security that could detect intrusions and any suspicious activities. It can easily be pointed out that the employee details were able to access the entirety of the system and siphon as much information as possible (McAfee, 2014). However, such a problem can easily be solved by hiring a team of professionals that can create a better system security that has capabilities to detect such activities and report them. The team will monitor the system throughout and identify any red flags that could cause threats to the company. The team can also come up with additional measures based on vulnerabilities they identify over time. As such, the system will always be secure and its security assured through the highly qualified security team.
  • 4. EBAY 4 References Finkle J, Catterjee S & Maan L (2014). EBay asks 145 million users to change passwords after cyber attack. Retrieved from https://www.reuters.com/article/us-ebay-password/ebay- asks-145-million-users-to-change-passwords-after-cyber-attack- idUSBREA4K0B420140521 McAfee(2014). How Bad is the eBay Breach? Here Are the Stats. Retrieved from https://www.mcafee.com/blogs/enterprise/cloud-security/how-bad-is-the-ebay-breach- here-are-the-stats/