Attorney generals in at least three states have begun investigations into the cyberattack on eBay that made off with an encrypted database of customers' passwords. Reuters reports that Connecticut, Florida, and Illinois have begun a joint investigation, but that it's unclear what legal authority those states will have over eBay, which disclosed the breach earlier this week. New York's attorney general, Eric Schneiderman, is also calling on eBay to provide free credit monitoring to those whose accounts were compromised, and he says that he expects eBay to provide that service.
"The reported eBay data breach could be of historic proportions.""The magnitude of the reported eBay data breach could be of historic proportions, and my office is part of a group of other attorneys general in the country investigating the matter," Florida Attorney General Pam Bondi says in a statement. Connecticut Attorney General George Jepsen also said that his office would be looking into what steps eBay is taking to avoid future security breaches. "However," Jepsen said, "the most important step for consumers to take right now is to change their password and to choose a strong, unique password that is not easily guessed."
The states largely haven't detailed what they intend to do as part of their investigation, but, in the aftermath of the Target security breach that saw around 40 million credit and debit card stolen, authorities appear to be taking cyberattacks with an increasing gravity. eBay hasn't disclosed the extent of what was taken, though it appears that eBay itself could still be working through that. Reuters reports that the company initially wasn't aware that customers' information was compromised, and that the move toward a quick disclosure only happened after that.