Thousands of users affected by eCay Trade hack

The website eCay Trade has been hacked, affecting the security of the email addresses and passwords of thousands of account holders, the site has advised.

Cayman’s Cyber Incident Response Team (CIRT-KY) announced Friday that there had been a cybersecurity breach of the online Classifieds marketplace, one of five websites in the eCay Online Group.

eCay Trade has advised its users to change their passwords to prevent any unauthorized access to their eCay Trade account.

“We can confirm that a significant amount of users’ information that is linked to eCay Trade accounts have been leaked and this breach has the potential to impact not only users’ eCay Trade accounts but other accounts that they may maintain on the web,” a CIRT-KY spokesperson said in a press release. “At this time, we are reiterating eCay Trade’s instructions to users to change their eCay Trade passwords, and would add that it is important that they change any other passwords that are similar to their eCay Trade passwords.”

According to the CIRT press release, there has been an increase in both the frequency and the sophistication of cyber attacks affecting Cayman Islands businesses and entities. CIRT encourages entities in the Cayman Islands serving customers or conducting transactions over the Internet to review and strengthen the security of their systems, processes and servers.

CIRT urges users to employ complex passwords, with combinations of alphanumeric characters, for all online accounts, to change those passwords regularly, and to use different passwords for accounts.

“Awareness plays a key role in responding to any cyber Incident,” a Deloitte Enterprise Risk Services representative who was responsible for notifying CIRT-KY of the leak, said in the press release. “Cyber Incident Response actually begins before an incident occurs by creating a Cyber Incident Response Plan. A set of proactive and responsive capabilities are required for an organization’s operations to rapidly adapt and respond to Cyber Incidents and continue operations with limited impact to the business.”

Any individual or member of a business entity who suspects a cybersecurity breach or vulnerability can email CIRT-KY on [email protected]