Typically this blog covers self defense topics, but my real concern is security and the hacking of eBay certainly falls within this category.

If you have an eBay account, there are 3 things you must do right now. Don’t hesitate, don’t procrastinate. You’re in more danger than you realize.

Change the Password/s

If you haven’t already, go to eBay and follow the mandatory password change process. That’s just the first step though.

Chances are that you use the same password for multiple websites. It’s not the best security practice, but people still do it. The hackers know this. This means that both your PayPal and email account are in danger. IF you have the same password on either of them, change it NOW.

Beware of Phishing

Fortunately enough the passwords weren’t in plain text, but encrypted. This means that you have some time before the hackers break the encryption. They’ll probably use rainbow hash tables for that.

The much more immediate threat comes from the other data the hackers stole: your name, your email address, your physical address, your phone number and your date of birth. This means they can craft incredibly believable emails in order to get your financial data. The rule, more than ever, is to not click links in emails that come from financial institutions. Simply type in the address in your browser.

Another form of phishing enabled by this attack is through phone. As a rule, never give out your SSN or credit card info on a phone call you did not initiate, even if the caller knows your name and physical address.

Beware of Identity Theft

Contact any of the 3 major credit reporting agencies: Experian, Equifax or TransUnion and place a fraud alert on your name. The hackers aren’t able to use your credit cards, BUT they can try and open new ones in your name.

Those are the 3 things you must do right NOW, but there is more to it.

You see, your data is now on the open black market and it will stay there. Different scammers and thieves will get it and they’ll try to use it. An attack could happen today or 4 years from now. This is something you have to live with.

This means that you must maintain vigilance for the years to come. Check your credit reports regularly (each of the 3 major credit reporting agencies is required by law to provide you with one for free each 12 months) and beware of social engineering attacks.

What are those? You see email and phone are just two vectors of attack. Chances are you also have accounts on social media sites, forums and a lot of other places. Beware of old acquaintances you don’t remember ever meeting.

From this point on you must switch to a paranoid mindset. eBay dropped the ball hard and you’re the victim.