Following a massive cyberattack, eBay is reportedly facing a formal investigation with the government over security practices. The online auction site will have to answer questions about what type of security was in place before hackers gained access to the personal data of its 145 million users, Mashable and CNET report.

The breach was confirmed by investigators last week, and eBay urged users to update their passwords immediately. In late February and early March, hackers used an internal eBay corporate account to spy on usernames, email addresses, physical addresses, phone numbers and dates of birth. While hackers were able to access passwords, they were encrypted, and it’s unlikely that they were compromised.

eBay representatives say that it is currently unknown how many of the 145 million accounts were seen by intruders. The company stressed that no financial information as taken and that the hackers found their way in only through employee login information, Mashable reports.