Author Topic: PayPal breached  (Read 1788 times)

0 Members and 1 Guest are viewing this topic.

Offline Maik

  • Administrator
  • Forum Deity
  • *****
  • Posts: 35164
PayPal breached
« on: Friday, 20 January, 2023 @ 14:16:36 »
Quote
PayPal accounts breached in large-scale credential stuffing attack

PayPal is sending out data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks that exposed some personal data.

According to the data breach reporting from PayPal, 34,942 of its users have been impacted by the incident. During the two days, hackers had access to account holders' full names, dates of birth, postal addresses, social security numbers, and individual tax identification numbers.

PayPal says it took timely action to limit the intruders' access to the platform and reset the passwords of accounts confirmed to have been breached.

Also, the notification claims that the attackers have not attempted or did not manage to perform any transactions from the breached PayPal accounts.

The company strongly recommends that recipients of the notices change the passwords for other online accounts using a unique and long string. Typically, a good password is at least 12-characters long and includes alphanumeric characters and symbols.

Moreover, PayPal advises users to activate two-factor authentication (2FA) protection from the 'Account Settings' menu, which can prevent an unauthorized party from accessing an account, even if they have a valid username and password.
https://www.bleepingcomputer.com/news/security/paypal-accounts-breached-in-large-scale-credential-stuffing-attack/