23.1.2023 | 06:54
• PayPal faced a major data breach in December 6-8, 2022, with 34,942 accounts compromised
• The hackers accessed sensitive information such as name, address, personal tax identification numbers, social security number, and date of birth
• PayPal has sent notifications to all the affected accounts asking them to change their passwords
PayPal, one of the world’s largest online payment services platforms, recently faced a data breach that compromised the accounts of nearly 35,000 customers. The breach occurred between December 6 and December 8, 2022, and hackers were able to access sensitive information such as names, addresses, personal tax identification numbers, social security numbers, and dates of birth.
In response to the breach, PayPal sent notifications to all affected accounts, asking them to immediately change their passwords. The company also noted that there had been no breach in their systems and the attack had been carried out through credential-stuffing.
Credential-stuffing is a type of cyberattack that takes advantage of stolen usernames and passwords. Hackers use stolen credentials to gain access to accounts, making it difficult to detect the attack. In this case, the company noticed the suspicious activity on December 20 and immediately shut down the access and began an investigation.
In order to protect their customers, PayPal has implemented a number of measures, including enhanced security protocols and additional fraud prevention processes. The company is also offering a free one-year subscription to their identity theft protection service to all impacted customers.
PayPal is urging customers to remain vigilant and protect themselves from cybercrime by using strong passwords and two-factor authentication. The company also recommends that customers frequently monitor their accounts for any suspicious activity and immediately report any unauthorized charges or activities.