The company says the attack happened between February and March when hackers accessed a database containing customer names, encrypted passwords, email addresses, birth dates, physical addresses and phone numbers.
"Beginning later today [Wednesday] it will be asking eBay users to change their passwords because of a cyberattack," eBay said in a statement.
"The compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company’s announcement today."
PayPal not affected
The company says it has found no evidence of any unauthorized access to financial or credit card information, or any fraudulent sales activity connected to the breach.
EBay says it has an "active investigation" into the matter, and as such can't comment on the number of customer accounts affected. For now, it is urging all customers to change their passwords as a precaution.
The company also owns electronic payment service PayPal, but eBay says there is no evidence PayPal information was hacked, since that information is stored separately on a secure network.