Ebay claims ads advertising stolen customer account information are fake, despite the contents being consistent with the hacked data.

On Thursday, half a dozen separate ads appeared on text file sharing website Pastebin claiming to be selling copies of the 145 million customers' account information which was compromised in a major security breach reported earlier this week.

The ads were offering the databased for sale for between 0.5 bitcoin and 1.45 bitcoin which at today's exchange rate is between £155 and £450.

Despite those selling the information providing a free sample from over 12,000 accounts, eBay has said "the published lists we have checked so far are not authentic eBay accounts."

The sample available to download through Kim Dotcom's Mega file-sharing site does indeed contain over 12,000 separate entries which are properly formatted with a name, an encrypted password, email address, home address, phone number and date of birth.

The names and address seem to come from the Asia-Pacific region and while the names do belong to real people, the information contained in the sample is not from eBay.


Security expert Kenn White said he checked the first five and last five email addresses from the sample and all were already known to be compromised from previous security breaches.

Ebay Customer Password Warning
Warning to all eBay customers on its website.

However Trey Ford, global security strategist for Rapid7 told The Register: "During initial analysis of 12,663 of the records which have been provided as a free sample, we were able to find some matches between email prefixes and eBay profile name where people are using the same handle.

"This doesn't necessarily mean these credentials are from the eBay attack – it could be that people use the same handle across multiple sites including one that was previously compromised, and the creds are actually from that."

EBay's customer database was breached between late February and early March this year when one or two eBay employees' credentials were compromised.

The e-commerce giant only became aware of the breach two weeks ago when one of the compromised accounts repeatedly tried to access a database for which they didn't have clearance.

The company has 233 million registered accounts of which over 145 million are active. All active account holders have been instructed to change their passwords.

The company has been criticised for its reaction to the accounts being compromised as well as not encrypting all their customers' information and not just their passwords.