Other's eBay account had been hacked

FYI: This is a real story I received from a friend of mine:

-------------------------------
My painful experience - account thief

This past Sunday night, I found out I got dozens email for "eBay
Listing Confirmed". The items listed are very good stuff with
very attractive price. Such as
NEW-JAMES BOND 007 COLLECTION - 20 DVD BOX ED SET ! Buy It Now
for $55
The X-Files Seasons 1-9 (DVD Boxed Sets) BRAND NEW! Buy It Now
for $70.00
....

Total listed price is over $1000.

I immediately realized my Ebay account got hacked, so I
1. changed my password to a very difficult one(my previous was
very simple and most Chinese people like)
2. Went Ebay website, reported my case online.
3. Sent Ebay email reporting my case
4. I tried to remove the listings, but I could not, so I changed
some of the Listing titles from
such as
"The X-Files Seasons 1-9 (DVD Boxed Sets) BRAND NEW!"
to
"Don't bid. Listed by hacker. Reported to Ebay already."
5. Went bed with a rabbit in my heart.
6. In the morning, to my surprise that I got 3 congratulations
emails from Ebay:"Congratulations, your item sold!"
and one buyer even already paid.
7. I was unhappy that Ebay did not do anything overnight, so I
emailed to all the buyers that "Don't pay".
8. A buyer emailed me back:
Item: Don't bid. Listed by hacker. Reported to Ebay already.
(300102191901)
"xxxxx" is the winner.
Since i had saved this item, i did not see the notice not to bid
until it was too late. Can you have this item removed without
negative feedback. Much appreciated.
9. The person who paid called me back, but he nor me can do
nothing.
10. I tried to call Ebay, but I could not find the phone #. I
found the a "live chat" on Ebay.com. I chatted with a person,
and she/he could not do anything, but instructed me to use
"secure live chat", that is, log in first. After about 40
minutes waiting a guy came on line. He asked my many questions
and even called me confirming my identity.
11. This secure chat person did a great job. He removed all the
listings, refund all my listing fee(about $100), and promised me
to help to get money back from the person who already paid.
12. The person who paid, gave me the name of the people who
received money. They are li zhou and dian zhi you jian.
13. The secure chat person will do more investigation about this
account thief.
14. So far, after spending many hours, everything seems fine
now.

What the account theft did and what he/she would do:
chose Sunday night listed items. Buy It Now only for three days.
Since they were priced good, and all may be sold in three days
by "Buy It Now". The thief chose XXX's paypal account to
receive buyers' money. Then the money go to XXX and
YYY's paypal account.

XXX and YYY may be a victim also, because my
account theft may be also an identity theft who stole XXX
and YYY's IDs.

The account theft may use an fake ID, or XXX/YYY's ID, opened an
bank account/Paypal account and used a public PC logged/created
email/paypal account, so the police may never get them.

If I did not check my email for a few days, the account thief
may get the check from Paypal or money goes to their bank
account. After they get money, they run and leave over $1000
mess for me and the buyers.

Lessons learned: Passwords to any accounts should be as
difficult as possible, monitor all your accounts as often as
possible, read email as much as possible, but don't get fooled
by fishing email.

Be careful!