PayPal is it safe: PayPal users suffer mass data breach!

Between the 2nd and 6th of December 2022, unauthorised individuals used a credential stuffing attack to gain access to the accounts of 34,942 PayPal users. Customer personal information, including name, address, date of birth, tax ID number, and social security number, may have been accessed by hackers.

In order to prevent credential stuffing attacks, PayPal advises its users not to reuse passwords and turn on two-factor authentication for their accounts. Credential stuffing attacks happen when hackers try different account usernames and password pairs that have been exposed from different websites.

Nearly 35,000 persons were impacted by the security problem, which was reported by PayPal in a notice on January 18 and in a data breach notification to the Maine Attorney General.

The business informed all affected customers that the attackers had lost access to the accounts by December 8th and that "no information suggesting that any of your personal information was abused as a result of this incident, or that there are any illegal transactions on your account."

PayPal has offered free two-year access to Equifax identity monitoring services to everyone affected by the data hack. PayPal encouraged Apple users to switch from passwords to passkeys in 2022, claiming that passkeys are both more secure and simpler for consumers to use.