I've been in touch with our operations and security teams, and I have more information I can share with you about yesterday's incident on the Trust & Safety discussion forum.  In brief, very early yesterday morning, a fraudster posted contact information and alleged credit card numbers for about 1,200 members on our Trust & Safety discussion forum on eBay.com.

While the issue was very unfortunate, it was clearly falsified to cause public concern.  Early on eBay's teams verified that the credit card "data" did not match anything on file for these members on eBay or PayPal.  After more investigation, including phone conversations with many of the members, it appears that these numbers were not valid at all. 

Each of these accounts was the victim of an Account Take Over, most likely through a successful phishing campaign.  eBay has been in contact by phone with many of these members, and there is a My Messages email going out to impacted accounts to further our reach.   

This incident underscores the need for all of us to take proper safety precautions while we're on the internet.  As a reminder, eBay and PayPal will never send an email to you that asks for a response that is not also in My Messages. Before responding to an email that appears to be from eBay or PayPal, check My Messages first.  When in doubt about the authenticity of an email, send to spoof@ebay.com or spoof@paypal.com.

For more information about how to stay safe online, please visit our Security & Resolution Center.