eBay just revealed that their systems were hacked earlier this year. Encrypted passwords and other non-financial data were stolen.

Anyone with an eBay account is strongly encouraged to change their password as soon as possible.

Oddly, when I logged into my eBay account to change my password a few hours ago, there was no mention of this breach or any warning about changing passwords. The only announcement of the breach from eBay seems to be this blog post on ebayinc.com. Ars Technica has more information about this unfortunate lapse on the part of eBay.

Update 2014May23: All the recent attention to their passwords is leading to some criticism of eBay’s password-handling procedures. Hopefully eBay will be quick to improve in this area.

Update 2014May25: Lost in all the concern about password changes is the fact that even if none of the stolen encrypted passwords are cracked, the other – unencrypted – information stolen (including eBay customer names, email addresses, physical addresses, phone numbers and dates of birth) will be very useful for anyone involved in credit card fraud and phishing efforts. And there’s not much you can do about that.