Stolen eBay data up for sale – but is it really from eBay?

The UK website Telegraph reported today that they have discovered what may be the first attempt to sell identity information stolen from eBay sometime last February.

“Personal data in a format ‘consistent’ with the information stolen by hackers from eBay has been posted online in what is thought to be an underground advert hawking the details to identity thieves.

“Information about 715 individuals are listed in a document posted online and seen by the Telegraph including full names, postal and email addresses, phone numbers and dates of birth – the same details which eBay admitted that it had lost.

“Most of the addresses appear to be in Malaysia and other South East Asian countries. None of the revealed records are believed to belong to UK or European users, although 17 million of the total records belong to Britons.”

I’m a bit suspicious about this story for a number of reasons. First, why only 715? eBay reported that the cyber thieves who breached their security earlier this year made off with something like 145 million records so why not publish a 1,000 or 10,000 or a million?

Second, why only addresses for people in Malaysia and South East Asia? Wouldn’t names and addresses for presumably wealthier Americans and Europeans be more attractive bait?

Finally, the timing seems a bit too convenient. If the hackers had all those names and addresses for months why would they wait to leak just a handful of names the day after the eBay breach exploded across the news networks? Wouldn’t they have been trying to broker deals with other cyber criminals weeks if not months ago? And wouldn’t they try to make it a bit less obvious?

I think this is just a third-rate hacker (somewhere in Malaysia most likely) who cobbled together a quick list of people and organized the data so that it looked like the eBay data. I think it might be fake teaser data set out as bait in an attempt to scam the scammers. ‘See, we’ve got the data so let’s cut a deal for the rest of it.’

Or it could be a trap set up by some Malaysian cyber police force in an attempt to lure out those who would want to buy stolen identity records and they are just piggy-backing on the eBay story.

Guy Wright

Guy Wright has been covering the technology space since the days when computers had cranks and networks were steam powered. He has been a writer and editor for more years then he cares to admit.


Contrasting Michael Dell and Meg Whitman

I’m at EMC World 2016 this week and it is likely the last EMC World. Next year, the company will be called Dell EMC and operate as a unit under the Dell Technology Group. In what was an elegant hand off during the opening keynote, EMC CEO Joe Tucci passed the torch, figuratively not literally (though that would have been cool), to Michael Dell who will be chairman of the new combined entity. Michael has not been known previously for being a great speaker but he really stepped up. His poise, timing and eloquence were a match for some of the best CEO speakers I’ve seen. One thing he seemed to...

Six Game of Thrones Characters We Want Resurrected

Here’s a list of dead characters from Game of Thrones who would be badass if resurrected like Jon Snow.

Newly Discovered Planets May Boost Search for Life Beyond Earth

The discovery was made using Europe’s Transiting Planets and Planetesimals Small Telescope, or TRAPPIST.