If I were a major multinational internet firm that had been hacked..

[lovingboth]

.. leading to a loss of customers' names, dates of birth, phone numbers, physical addresses, email addresses, and "encrypted" passwords, I would:

a) say something on the front page of the site; and

b) say something on the site's media centre press release page; and

c) say something on the site's announcements page; and

d) say something on the login page; and

e) say something on the landing page when someone does log in; and

f) say something in an email to every customer.

eBay has done none of those. It did tweet something though.

Comments

[liv]

I agree, I think eBay have handled this remarkably badly, for such a major breach.

[softfruit.livejournal.com]

*blink*

Tempting to think it was just the twitter account got hacked!

[lovingboth]

I did wonder if assorted media outlets had fallen for a hoax, but there's a statement on the US corporate site - this is the sort of thing that they have to report to their US stock exchange.

But, yes, this is staggeringly irresponsible behaviour.

[drdoug.livejournal.com]

It's also bloody hard finding the damn password change option!

[ramtops.livejournal.com]

I didn't find it remotely hard …

[porsupah.livejournal.com]

It was quite astounding - but, I suppose we should expect no more from a company like that. The email delivery took multiple days - so, as you say, why not tweak the site itself to alert everyone who uses the site immediately?

Not that I've used them in a while now - the way they forced everyone to use PayPal (ie another division of eBay) put me right off. I'd say I'm surprised that was permitted to go ahead in the UK, but consumer protection against monopolies has become something of a weak joke.