Updated from 10:15 a.m. ET to include analyst comments and afternoon share prices
NEW YORK (TheStreet) - E-commerce giant eBay (EBAY) said on Wednesday cyberattackers hacked into a small number of employee log-in credentials, allowing unauthorized access to the company's corporate databases. As a result, the online marketplace urged customers to change their passwords and also noted it had yet to see a rise in fraudulent activity or any compromise of its mobile payments arm, PayPal.
Still, an investigation into the attack is ongoing. eBay said on Wednesday it is working with law enforcement and security experts on the matter.
eBay said databases at the company were hacked between late February and early March, and data stolen as a result of the attack included eBay customers' name, encrypted password, email address, physical address, phone number and date of birth. The hacked database, however, did not contain financial information or other confidential personal information. eBay also emphasized on Wednesday it keeps PayPal data separate from its online marketplace.
"The compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company's announcement today," eBay said.
eBay said that the investigation into the cyberattack is ongoing. "The company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers," eBay said, while noting that it is working with law enforcement and security experts on the investigation.
"Data security has been on the forefront of industry and consumer minds following the recent notable data breaches (i.e., Target, which resulted in compromised financial information)," Sanjay Sakhrani, an analyst at Keefe, Bruyette & Woods, said in a Wednesday client note.