Stolen eBay data up for sale – but is it really from eBay?

The UK website Telegraph reported today that they have discovered what may be the first attempt to sell identity information stolen from eBay sometime last February.

“Personal data in a format ‘consistent’ with the information stolen by hackers from eBay has been posted online in what is thought to be an underground advert hawking the details to identity thieves.

“Information about 715 individuals are listed in a document posted online and seen by the Telegraph including full names, postal and email addresses, phone numbers and dates of birth – the same details which eBay admitted that it had lost.

“Most of the addresses appear to be in Malaysia and other South East Asian countries. None of the revealed records are believed to belong to UK or European users, although 17 million of the total records belong to Britons.”

I’m a bit suspicious about this story for a number of reasons. First, why only 715? eBay reported that the cyber thieves who breached their security earlier this year made off with something like 145 million records so why not publish a 1,000 or 10,000 or a million?

Second, why only addresses for people in Malaysia and South East Asia? Wouldn’t names and addresses for presumably wealthier Americans and Europeans be more attractive bait?

Finally, the timing seems a bit too convenient. If the hackers had all those names and addresses for months why would they wait to leak just a handful of names the day after the eBay breach exploded across the news networks? Wouldn’t they have been trying to broker deals with other cyber criminals weeks if not months ago? And wouldn’t they try to make it a bit less obvious?

I think this is just a third-rate hacker (somewhere in Malaysia most likely) who cobbled together a quick list of people and organized the data so that it looked like the eBay data. I think it might be fake teaser data set out as bait in an attempt to scam the scammers. ‘See, we’ve got the data so let’s cut a deal for the rest of it.’

Or it could be a trap set up by some Malaysian cyber police force in an attempt to lure out those who would want to buy stolen identity records and they are just piggy-backing on the eBay story.

Guy Wright

Guy Wright has been covering the technology space since the days when computers had cranks and networks were steam powered. He has been a writer and editor for more years then he cares to admit.


Lenovo’s Powerful Potential Global Market Position

This last week I was with Lenovo going over their server, storage, and networking strategy as they continue their pivot to become one of the last remaining hardware focused vendors in a market more often defined by change than focus these days. One of the things that strikes me as a huge competitive advantage is that unlike most technology companies that are based in either the US or Asia, Lenovo is pretty much evenly balanced between the US and China putting them closer to a future model of being more of a global company than one located in any one country. Let’s explore that this week. The...

Mistakes Businessmen Make When First Promoting Their Startups

Statistics are pretty grim when looking at startups. Most of those launched will fail and the failure percentage is actually a lot higher than many imagine.

Virtual Reality: A Game-Changer for Sports

Virtual reality has the potential to make courtside seats at basketball games affordable for the everyday viewer.