This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.bbc.co.uk/news/technology-28440296

The article has changed 6 times. There is an RSS feed of changes available.

Version 2 Version 3
Six charged after eBay's Stubhub suffers cyber-thefts Six charged after eBay's Stubhub suffers cyber-thefts
(35 minutes later)
Six people have been charged in a scam that defrauded eBay's Stubhub business of around $1m (£587,000).Six people have been charged in a scam that defrauded eBay's Stubhub business of around $1m (£587,000).
The charges came after more than 1,600 accounts belonging to the online ticket resale service were broken into and used to make purchases without the owners' permissions.The charges came after more than 1,600 accounts belonging to the online ticket resale service were broken into and used to make purchases without the owners' permissions.
The attack involved a "global cybercrime ring", according to New York County's district attorney office.The attack involved a "global cybercrime ring", according to New York County's district attorney office.
Three of the men were arrested in London.
It is the second breach to have been disclosed by eBay this year.It is the second breach to have been disclosed by eBay this year.
However, in this latest case the firm said its servers had not been hacked.However, in this latest case the firm said its servers had not been hacked.
Stubhub spokesman Glenn Lehrman said that the company had worked with law enforcement officers across the globe after being alerted to the problem. "The arrests today relate to fraudulent transactions that were detected on existing Stubhub customer accounts in 2013," said Stubhub spokesman Glenn Lehrman.
"To be clear, there have been no intrusions into Stubhub system," he said. "These legitimate customer accounts were accessed by cybercriminals who had obtained the customers' login and password either through data breaches of other websites and retailers, or through the use of key-loggers and/or other malware on the customer's own PC."
"The arrests today relate to fraudulent transactions that were detected on existing Stubhub customer accounts in 2013. City of London Police commissioner Adrian Leppard added: "This is an important investigation, targeting cyber criminals who are believed to have defrauded Stubhub out of $1m, by hacking its United States' customers' accounts to fraudulently purchase and sell tickets, and then laundered their criminal profits through legitimate UK bank accounts."
"These legitimate customer accounts were accessed by cybercriminals who had obtained the customers' login and password either through data breaches of other websites and retailers, or through the use of key-loggers and/or other malware on the customer's own PC. The Royal Canadian Mounted Police, the US Secret Service and the New York City Police Department (NYPD) were also involved in the arrests.
"Once fraudulent transactions were detected on a given account, customers were immediately contacted by Stubhub's trust and safety team, who refunded any unauthorized transactions, and assisted the customer with changing their password to secure their account from further activity."
City of London Police and the Royal Canadian Mounted Police were also involved in the arrests.
EBay made users change their passwords to its main online marketplace in May after revealing hackers had accessed a database containing names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth.EBay made users change their passwords to its main online marketplace in May after revealing hackers had accessed a database containing names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth.
It said at the time that it had no evidence of that attack resulting in unauthorised activity on its members' accounts.It said at the time that it had no evidence of that attack resulting in unauthorised activity on its members' accounts.