Here is the story: http://www.washingtonpost.com/blogs/the-switch/wp/2014/05/21/ebay-asks-145-million-users-to-change-passwords-after-data-breach/?utm_content=buffer21d31&utm_medium=social&utm_source=twitter.com&utm_campaign=bufferWhat do you think of SAuth? It could really harden such cases and protect users from leaked passwords. Here is how it works: http://www.cs.columbia.edu/~kontaxis/sauth/index.html