EBay is mounting a massive damage limitation exercise after revealing that hackers raided its network three months ago.
It is understood some 145 million user records were accessed, forcing the firm to issue a security warning.
But some computing experts want tougher action. Julia Horwitz on the Consumer Protection Counsel at the Electronic Privacy Information Center said: “Changing your password is helpful a couple of times, but after a while you run out of variations on your pet’s name.”
“After that the burden really shifts back to the companies and to [the US] Congress to make sure all the appropriate protections are in place,” she added.
The thieves are thought to have accessed some 145 million records such as passwords, email addresses, birth dates and other personal information.
But eBay, which also works with escrow service PayPal, said financial data, such as credit card numbers, was not taken by the hackers.
The breach could go down as the second-biggest in history at a US company, based on the number of records accessed by the hackers.