Okay, the law that comes into play is Section 326 of the USA PATRIOT Act which involves merchant accounts and payment processors. It came into existence in the year 2002. That was when eBay picked up PayPal. That isn't a coincidence. This is the law that requires you to give your SSN to a payment processor.
The problem is that with only a few years to build their system, eBay has not built a credible, secure, or reliable payment processor like PayPal. EBay only announced a plan to use Adyen to run their payment system back in 2018, to be completed by 2021. PayPal had 20 years. A few years isn't enough time to integrate a system like this with a foreign banking system that doesn't understand or care about an online flea market...
...unless the unspoken plan is to allow every sort of harm to befall casual sellers to the point that they leave the platform almost entirely to large business that Adyen is familiar with. Does anyone really think that Adyen and eBay care if a person living off of food stamps loses his social security number to hackers in a breach? Just less of a hassle to them. What we do know is that they do care about their large corporate customers (who are afforded a completely different level of security).
The fact that Amazon and eBay deny these breaches take place is irrelevant. Some of the compromised accounts I'm aware of could not have been hacked due to simple password spraying / brute force dictionary attacks. There are compromised accounts that were very secure and could only have been acquired through a breach.
I really don't think this IS eBay anymore. This is a different place that is borrowing the name.
Message 10 of 26