PayPal data breach overview:
- Who: PayPal is involved in a data dump of more than 15.8 million alleged credentials.
- Why: Hackers claim to have stolen login emails and plaintext passwords, but PayPal denies any new data breach.
- Where: The alleged data breach reportedly includes information from numerous PayPal accounts worldwide.
PayPal is facing allegations of a massive data breach involving 15.8 million credentials, including login emails and plaintext passwords. However, the company firmly denies these claims, asserting that the data dump is linked to a security incident from 2022 rather than a new breach.
The dataset was posted on a popular data leak forum, where hackers claimed the information was recent. Despite these assertions, PayPal representatives have stated that no new breach has occurred.
“There has been no data breach – this is related to an incident in 2022 and not new,” a company spokesperson told media outlet Cybernews.
The alleged data dump includes sensitive information, such as login emails, PayPal passwords and associated URLs. However, the sample size provided by the attackers was too small to verify the claims independently. The low selling price of the dataset further suggests that the data quality may be poor, according to the Cybernews research team.
Hackers claim data obtained in May, but PayPal disputes leak
The attackers claim to have obtained the data in May, which they allege includes information from numerous PayPal accounts worldwide.
If true, this could pose significant risks to users, as it reveals crucial login credentials. However, PayPal maintains that the dataset is tied to a previous incident in 2022.
The attackers’ claims include “thousands of unique and strong-looking” PayPal passwords, but many are reused, indicating that the amount of useful data may be smaller than suggested.
The dataset is being sold for a mere $750, a price that aligns with PayPal’s rebuttal of the breach claims. This low price suggests that the actual volume of user data included is much smaller than the attackers’ claims.
PayPal is taking steps to reassure its users by reiterating that there has been no new breach, and the company complies with stringent security regulations. However, users are encouraged to create strong PayPal passwords and enable multi-factor authentication to protect their accounts.
Are you affected by the alleged PayPal data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
165 thoughts onPayPal denies data breach claims after passwords offered up for sale
Add me please
Please let me be apart of this
Add me to settlement please!
Add me please
Add me
Add me
Add me to the settlement please !