145 million users exposed by phishing aimed at employees of online marketplace


In 2014, this event was one of the biggest hacks. The online auction giant disclosed the attack in May 2014 stating that it exposed names, addresses, dates of birth and encrypted passwords of 145 million users. Financial information which was stored separately was not compromised. The company's stock price in the days after the breach took a major hit, dipping to the lowest since December 2013.

The company said hackers gained access to company systems using the access credentials of three employees. The hackers had complete access for 229 days during which time they were able to make their way to the user database.

Many consumers and security professionals were vocal in their protest of the company's response, in particular criticism for a lack of disclosure to users. Some even called it one of the worst corporate crisis responses ever.

Book a consultation

Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:


  • eBay Inc.

We've done the analysis so you can make the decisions

When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here