Neustar International Security Council launched ... » LONDON, UK: Neustar, Inc. has announced the launch of the Neustar International Security Council (NI... RiskIQ Digital Threat Management Platform Recognis... » LONDON, UK: RiskIQ has been recognised in an Ovum Research “On the Radar” report for providing orga... ExtraHop introduces new professional services fo... » UK: Today at Interop ITX has announced new professional services for cloud migration, datacenter mig... MIKE SMITH BECOMES NEW ECA PRESIDENT » A highly respected electrical engineer and businessperson – Mike Smith of SES Engineering Services –... Patriot One obtains purchase agreement with rese... » TORONTO:  Patriot One Technologies Inc. has announced a reseller agreement with Information Technolo... TDSi and LITESTAR announce new partnership in Si... » Poole: TDSi has announced a new partnership with Singapore-based installation specialist LITESTAR Te... FSA 10TH BIRTHDAY TOPS THE BILL AT IFSEC SHOW » Fire and security business representatives are being urged to attend the Fire & Security Association... Intercede announces Secure Login for WordPres... » Lutterworth, England/Reston, VA: Recently, digital identity and credentials expert, Intercede announ... Senior Intelligence Official Ron Moultrie joi... » NEW YORK, NY: Balabit has announced today that the former Director of Operations at the National Sec... Luke Kleszcz joins security manufacturer as Fina... » Poole: Integrated has announced the growth of its Finance team with the appointment of its new Finan...



Talking Point Banner

eBay customers need to be extra cautious when accessing their account activity, personal information and stored messages. Research from has found that many pages on the site, which require user input or contain their personal info, are not HTTPS encrypted.


While eBay does use HTTPS on its most critical pages, such as those where payment or address information is entered, it still lacks encryption on several sensitive pages. When customers send and receive messages from sellers, for example, their communications are not sent over a private channel. Not only could a hacker intercept and read messages, they could modify them in what’s known as a “man-in-the-middle” attack. This could lead to fraud or spam being sent from user accounts.

 eBay does not use HTTPS on its My eBay dashboard, nor on its business-to-customer message pages.

 As a result, private customer information and messages are not sent over private channels, thus the information is vulnerable to hackers.

 eBay's lack of encryption on these pages could be insufficient to meet data privacy standards, including the upcoming GDPR.

 A VPN can mitigate the risks that arise from the lack of HTTPS on these pages.