It turned out that a cyber attack occurred at PayPal and personal information for about 35,000 people was leaked
paypal breach notification
(PDF file) https://regmedia.co.uk/2023/01/19/paypal_breach_notification.pdf
PayPal accounts breached in large-scale credential stuffing attack
PayPal says crooks accessed 34,942 customers' info • The Register
https://www.theregister.com/2023/01/19/paypal_data_breach/
From December 6th to December 8th, 2022, PayPal experienced a `` credential stuffing attack '' that accessed accounts by brute forcely verifying user names and passwords leaked by password reuse.
According to PayPal, hackers had access to the names, dates of birth, addresses, social security numbers , and personal tax identification numbers of 34,942 users, according to investigations up to December 20, 2022. I'm here.
PayPal sent a notice (PDF file) to approximately 35,000 users whose personal information was allegedly leaked, stating, ``Your personal information has been misused as a result of this incident, or there has been unauthorized access to your account. We have no information indicating that any unauthorized transactions were made, nor is there any evidence that the login credentials were obtained from the PayPal system.'
PayPal has restricted access to the hacker's platform and has taken steps to reset the password of the account whose personal information was leaked.
Users whose personal information has been leaked can receive a service provided by Equifax , a major American consumer credit information company, for two years free of charge to monitor IDs and protect customer data.
PayPal also requires users to set a strong password of at least 12 characters containing alphanumeric characters and symbols to prevent credential stuffing attacks by reusing passwords, and to activate two-factor authentication for their accounts. strongly recommended.
Related Posts:
in Web Service, Posted by log1r_ut