The cyber attack took place between late February and early March of this year, but eBay only detected it two weeks ago. The company plans to email customers about the security breach (漏洞) and tell them to change their passwords on eBay and any other website where the same password is used. The compromised passwords were encrypted, so it’s unclear if the hackers are able to read them and use them elsewhere online. The cyber attack also swept up details like names and addresses, which could potentially be used to commit fraud outside of eBay. When asked how many people were affected by the attack, eBay referred the Huffington Post to a webpage that simply states the company is asking all 145 million of its active buyers to change their passwords. It’s generally good password hygiene not to use the same password on different websites. But for eBay customers who have doubled up, the company is recommending you change your password on both eBay and all other sites where that same password was used. Cyber attacks can have a chilling effect on online customers, who must trust retailers with sensitive financial information to do business. Discount retailer Target has struggled to recover from a data breach discovered during last year’s holiday shopping season, in which the credit card and debit card records of millions of customers were stolen. Since December, profits for the retail chain have fallen and its CEO has resigned. eBay also said that it does not want to speculate on who committed the attack while it's working with law enforcement.