Popular Articles
Today Week Month Year

PayPal hack exposes names, social security numbers of 35,000 customers
By Belle Carter // Jan 30, 2023

Around 35,000 PayPal user accounts had been hacked using a method called "credential stuffing," resulting in exposed names and Social Security numbers. The attack involved automatically injecting login credentials that were found during previous data breaches.

The California-based payment platform sent a notice on the website of Maine's Office of the Attorney General. It also sent a letter, dated Jan. 19, about the data breach to its 34,942 impacted users.

"On December 20, 2022, we confirmed that unauthorized parties were able to access your PayPal customer account using your login credentials. We have no information suggesting that any of your personal information was misused as a result of this incident, or that there are any unauthorized transactions on your account. There is also no evidence that your login credentials were obtained from any PayPal systems," the letter read.

Based on the company's investigation, the unauthorized activity occurred between December 6 and December 8, 2022, when it eliminated access for unauthorized third parties, which it did not identify. During this time, the third parties were able to view and potentially acquire, some personal information for certain users, such as full names, dates of birth, Social Security numbers, addresses and tax identification numbers. (Related: WhatsApp HACKED: Nearly 500 million phone numbers from 84 countries and territories put up for sale.)

"If you detect any suspicious activity on an account, change the password and security questions immediately, and promptly notify the company where the account is maintained," PayPal stated and suggested to ass additional security features including enabling the "two-step verification" in the account settings.

Human knowledge is under attack! Governments and powerful corporations are using censorship to wipe out humanity's knowledge base about nutrition, herbs, self-reliance, natural immunity, food production, preparedness and much more. We are preserving human knowledge using AI technology while building the infrastructure of human freedom. Use our decentralized, blockchain-based, uncensorable free speech platform at Brighteon.io. Explore our free, downloadable generative AI tools at Brighteon.AI. Support our efforts to build the infrastructure of human freedom by shopping at HealthRangerStore.com, featuring lab-tested, certified organic, non-GMO foods and nutritional solutions.

"When links are present in an email, individuals should hover [their] mouse over the links to view the actual destination URL and should not click on the link if [they] are unsure of the destination URL or website," the firm also suggested.

On their end, PayPal said it has reset passwords and affected users will also get free identity monitoring services from Equifax, a consumer credit reporting company.

Meanwhile, the finance company said the website and its payment systems were not hacked.

“PayPal's payment systems were not impacted, and no financial information was accessed. We have contacted affected customers directly to provide guidance on this matter to help them further protect their information. The security and privacy of our customers' account information [remain] a top priority for PayPal, and we sincerely apologize for any inconvenience this may have caused," it said.

Passwords are stolen due to previous hacking incidents

Sam Curry, chief security officer at Cybereason, passwords of a large number of users are stolen because of previous hacks. "The hackers were able to brute slam PayPal accounts with these until they found 35,000 matches," Curry said.

Jasson Casey, the chief technology officer at Beyond Identity, said that if a threat actor can access legitimate credentials, even if they’re dumped in a dark-web repository, "they are only a few short, and in most cases, automated steps away from a successful intrusion,"

PCMag's Michael Kan said victims should still always be on guard. He added that the incident is also a reminder to use unique, hard-to-guess passwords on your most important login accounts. "You should also activate the account’s two-factor authentication, which can make it harder for hackers to break in even if they successfully obtained your password," Kan added.

Visit CyberWar.news for more stories like this.

Watch the video below that talks about the Spain hacking scandal that involved the mobile phones of the nation's prime minister and defense minister.

This video is from the American Media Periscope channel on Brighteon.com.

More related stories:

Hackers leak stolen medical records on dark web after Australian health insurer refuses to pay ransom demand.

Optus hacker releases over 10,000 customer details and demands $1 million in cryptocurrency, apologizes later.

PayPal quietly reinserts $2,500 fine into user policy for those accused of pushing 'misinformation.'

PayPal "misinformation fine" fiasco just a small taste of what is to come with Central Bank Digital Currencies and total financial TYRANNY.

Sources include:







Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Embed article link:
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.