PayPal data breach overview:
- Who: PayPal is involved in a data dump of more than 15.8 million alleged credentials.
- Why: Hackers claim to have stolen login emails and plaintext passwords, but PayPal denies any new data breach.
- Where: The alleged data breach reportedly includes information from numerous PayPal accounts worldwide.
PayPal is facing allegations of a massive data breach involving 15.8 million credentials, including login emails and plaintext passwords. However, the company firmly denies these claims, asserting that the data dump is linked to a security incident from 2022 rather than a new breach.
The dataset was posted on a popular data leak forum, where hackers claimed the information was recent. Despite these assertions, PayPal representatives have stated that no new breach has occurred.
“There has been no data breach – this is related to an incident in 2022 and not new,” a company spokesperson told media outlet Cybernews.
The alleged data dump includes sensitive information, such as login emails, PayPal passwords and associated URLs. However, the sample size provided by the attackers was too small to verify the claims independently. The low selling price of the dataset further suggests that the data quality may be poor, according to the Cybernews research team.
Hackers claim data obtained in May, but PayPal disputes leak
The attackers claim to have obtained the data in May, which they allege includes information from numerous PayPal accounts worldwide.
If true, this could pose significant risks to users, as it reveals crucial login credentials. However, PayPal maintains that the dataset is tied to a previous incident in 2022.
The attackers’ claims include “thousands of unique and strong-looking” PayPal passwords, but many are reused, indicating that the amount of useful data may be smaller than suggested.
The dataset is being sold for a mere $750, a price that aligns with PayPal’s rebuttal of the breach claims. This low price suggests that the actual volume of user data included is much smaller than the attackers’ claims.
PayPal is taking steps to reassure its users by reiterating that there has been no new breach, and the company complies with stringent security regulations. However, users are encouraged to create strong PayPal passwords and enable multi-factor authentication to protect their accounts.
Are you affected by the alleged PayPal data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
236 thoughts onPayPal denies data breach claims after passwords offered up for sale
Add me please
Please add me
Add me please
Add me please
Yes they do offer up PayPal account info on blackpass.io check it out it’s all recent info and yeah I bet that’s what the limitations are for they (PayPal) sell ur info so much they (thier system) has fraud indicators that make you as the consumer look like you’re doing something fishy but in reality PayPal’s people probably the ones who work in India thus having no usa rules selling our info to the dark web
Yes they do offer up PayPal account info on blackpass.io check it out it’s all recent info and yeah I bet that’s what the limitations are for they (PayPal) sell ur info so much they (thier system) has fraud indicators that make you as the consumer look like you’re doing something fishy so there you have it blackpass.io
Some one from PayPal keep trying to take money
i have paypal and i still cant get in my account and i havent been able to for atleast 2 or 3 years and i even ordered a new card and still cant use it.
add me
Add me please
I was denied access to my account my funds or any activity until August and they will not tell me why. Stating that I had gone against the policies which I have not. Contacted them and will get no information over the phone