In 2014, this event was one of the biggest hacks. The online auction giant disclosed the attack in May 2014 stating that it exposed names, addresses, dates of birth and encrypted passwords of 145 million users. Financial information which was stored separately was not compromised. The company's stock price in the days after the breach took a major hit, dipping to the lowest since December 2013.
The company said hackers gained access to company systems using the access credentials of three employees. The hackers had complete access for 229 days during which time they were able to make their way to the user database.
Many consumers and security professionals were vocal in their protest of the company's response, in particular criticism for a lack of disclosure to users. Some even called it one of the worst corporate crisis responses ever.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you: