Will eBay's Data Breach Equal Target's?

The massive data breach that compromised credit card data for 70 million to 110 million Target  (NYSE: TGT  ) customers cost the chain's CEO his job and touched off a wave of panic among American consumers who wondered when the next major attack would occur.

The feared cyber attack appears to have already happened as attorneys general in three states along with European officials are investigating a data breach at eBay  (NASDAQ: EBAY  ) that may have compromised more than 100 million users' passwords. 

"The magnitude of the reported eBay data breach could be of historic proportions, and my office is part of a group of other attorneys general in the country investigating the matter," stated Florida Attorney General Pam Bondi.

eBay addressed the attack on its website and in an email sent to registered users urging them to change their passwords and in a press release posted on its website May 21 urging the same. 

eBay [is] asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.

The company explained how the attack occurred, saying that hackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay's corporate network. The database, which was compromised between late February and early March, included eBay customers' names, encrypted passwords, email addresses, physical addresses, phone numbers, and dates of birth. The database did not contain financial information or other confidential personal information. The company said that the compromised employee log-in credentials were first detected about two weeks ago. 

eBay said it has seen no indication of increased fraudulent account activity on its platform. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.

The breach is on the same scale as Target's but the fact that credit card data was not stolen may mitigate the consumer fallout.

How bad was the data breach for Target's business?

Interim Target CEO John Mulligan told CNBC's Street Signs last week that the full extent of the damage to the company's business is not yet known.

"We're in a place when it comes to the data breach where we don't have visibility yet to potential third-party liabilities and operating expenses they've incurred," said Mulligan, also the company's chief financial officer. 

Customers however remain mostly confident in the brand -- about 85% of the retail chain's shoppers do not plan to change their spending habits at Target in the next year, according to a Bloomberg national poll. Only 7% plan to reduce their spending.

Those numbers show that the impact for Target might not be catastrophic, but the fallout is still significant.

The retail giant's first quarter net earnings fell 16% to $418 million compared with $498 million in the same period last year. Overall sales actually increased 2.1% so while the company made less money it's not because shoppers were staying away. 

Mulligan did not blame the data breach on the lower profitability, instead pointing to the company's struggling Canadian business and heavy use of discounts. 

"The first quarter we used a significant amount of promotions and our gross margin rate was down more than a full percentage point," he told CNBC. "We'll strike more of a balance as we go forward."

Will eBay suffer?

The difference between Target's breach and eBay's is that it remains to be seen if customers of a purely digital enterprise react more warily to an attack that compromises their information. Target received a ton of bad press and likely burned some good will with its customer base, but ultimately it does not appear the breach cost it many customers.

eBay has the advantage that the fallout of its attack for its customers is the relatively minor hassle of switching passwords. The company also got out in front of the potential scandal and communicated with its users quickly making it clear that credit card data is stored separately in encrypted formats. As the attorneys general and various European agencies investigate the breach, eBay should continue being open about what happened. The company must also pledge to both do what it can to stop future breaches and to determine why it took weeks to detect this one.

If eBay continues to be open about what happened while taking steps to prevent future problems it seems unlikely customers will leave the service or that eBay will face major financial consequences.

Are you ready to profit from this $14.4 trillion revolution?

Let's face it, every investor wants to get in on revolutionary ideas before they hit it big. Like buying PC-maker Dell in the late 1980s, before the consumer computing boom. Or purchasing stock in e-commerce pioneer Amazon.com in the late 1990s, when it was nothing more than an upstart online bookstore. The problem is, most investors don't understand the key to investing in hyper-growth markets. The real trick is to find a small-cap "pure-play" and then watch as it grows in EXPLOSIVE lockstep with its industry. Our expert team of equity analysts has identified one stock that's poised to produce rocket-ship returns with the next $14.4 TRILLION industry. Click here to get the full story in this eye-opening report.


Read/Post Comments (5) | Recommend This Article (0)

Comments from our Foolish Readers

Help us keep this a respectfully Foolish area! This is a place for our readers to discuss, debate, and learn more about the Foolish investing topic you read about above. Help us keep it clean and safe. If you believe a comment is abusive or otherwise violates our Fool's Rules, please report it via the Report this Comment Report this Comment icon found on every comment.

  • Report this Comment On May 25, 2014, at 12:17 PM, foolsmate wrote:

    The unforgivable aspect of the eBay data breach was that eBay hadn't even bothered to encrypt its users details!

    Only the passwords were encrypted which means that someone, somewhere is now sitting on a database of well over 100 million unencrypted names, addresses and dates of birth and it supposedly took eBay nearly two months to even notice, never mind acknowledge the fact and tell anyone!

    A few of us fools have been trying for years to tell the world that eBay was a disaster, sorry, total catastrophe, waiting to happen but did anyone listen?

    Ever since Donahoe arrived, this company has been an absolute basket case. Now the world is finding out the hard way.

  • Report this Comment On May 26, 2014, at 1:50 PM, AntonPhibes wrote:

    "eBay said it has seen no indication of increased fraudulent account activity on its platform."

    Just the normal high level of fraudulent activity.

  • Report this Comment On May 26, 2014, at 2:49 PM, cgreg33 wrote:

    I don't understand these articles. Target was a financial breach. eBay is a password breach. There are no financials even taken. All the person could do is log into somebody's eBay account. Target was 10 times what eBay's is, so this article is a waste of time. Simple answer. "No".

  • Report this Comment On May 26, 2014, at 3:54 PM, PaulApp wrote:

    The eBay users data breach and the stock goes up! It's the sign you're trading one crazy stock!

  • Report this Comment On July 29, 2014, at 4:15 PM, thiagorulez wrote:

    I didn't know eBay suffered a security breach. Who handles something like that? A general practice lawyer might be able to do something about it. OR a specific financial attorney, though I don't know what they call those. Thiago | http://www.lakesidelawyers.com/

Add your comment.

Sponsored Links

Leaked: Apple's Next Smart Device
(Warning, it may shock you)
The secret is out... experts are predicting 458 million of these types of devices will be sold per year. 1 hyper-growth company stands to rake in maximum profit - and it's NOT Apple. Show me Apple's new smart gizmo!

DocumentId: 2971064, ~/Articles/ArticleHandler.aspx, 8/23/2014 11:46:30 AM

Report This Comment

Use this area to report a comment that you believe is in violation of the community guidelines. Our team will review the entry and take any appropriate action.

Sending report...


Advertisement