EBay has asked users to change their passwords following a cyberattack that compromised one of its databases, the BBC reports.
The US firm said the database was hacked between late February and early March, and had contained encrypted passwords and other non-financial data.
The auction site added that it had no evidence of there being unauthorised activity on its members’ accounts.
However, it said that changing the passwords was “best practice and will help enhance security for eBay users”.
The California-based company has 128 million active users and accounted for $212bn worth of commerce on its various marketplaces and other services in 2013.
A post on eBay’s corporate site said that cyber-attackers accessed the information after obtaining “a small number of employee log-in credentials”, allowing them to access its systems – something it only became aware of a fortnight ago.
Although the firm also owns the PayPal money transfer service, it said that the division’s data was stored separately, encrypted and that there was no evidence that it had been accessed.
However, it added that any members who used the same login details used on eBay for other sites should also update them.