Israeli firm uncovers eBay security flaw

The headquarters of eBay. Credit: Wikimedia Commons.

(Israel Hayom/Exclusive to Israeli cyber-security firm Check Point revealed Tuesday that it has discovered a serious flaw in online e-commerce giant eBay’s security, allowing hackers and cyber criminals to use malicious code to target users and steal their online information.

According to a report by Israel’s Channel 2, eBay currently has 160 million registered users worldwide, all of which are at risk. Check Point, which posted its discovery on the company blog, believes that unless eBay acts to rectify this vulnerability immediately, “eBay’s customers will continue to be exposed to potential phishing attacks and data theft.”

The company had informed eBay of its discovery on Dec. 15, but as of Jan. 16, the e-commerce giant said it “has no plans to fix the vulnerability,” Check Point said. According to Check Point, all a hacker needs to do to launch a malicious attack is to set up an eBay store, from which he can send users legitimate-looking links that contain malicious code.

Responding to Check Point’s warning, eBay said, “As a company, we are committed to providing a safe and secure trading platform to our millions of customers worldwide. We take reports suggesting security issues very seriously and work quickly to assess them, as part of our security infrastructure. We consistently adapt our security systems and maintain a responsible system, where we partner with the researchers indicating such issues exist.”

Posted on February 3, 2016 .