PayPal is also giving each of those users a two-year subscription to Equifax, an identity monitoring service. If your account was one of them, you’ll be asked to set up a new password the next time you try to log in.
This means that they may have tried to use login credentials stolen elsewhere - in massive quantities - until some of them worked.Īs a response to the attack, PayPal reset the passwords on all of the accounts that were affected. On the other hand, Bleeping Computer reports that the attackers were able to hack into the accounts through credential stuffing. The company didn’t divulge how exactly the attackers were able to access the accounts, although it claims it hasn’t found evidence of hackers stealing the user data directly from PayPal’s systems. Daily reminder to not re-use your passwords It’s unclear what will happen to the stolen data, but it’s safe to assume that some form of identity theft or phishing is in the cards. It’s possible that invoicing data and credit card or debit card details may have been accessed. Half of Google Chrome extensions may be collecting your personal data If you use this free password manager, your passwords might be at risk
Your Windows 11 screenshots may not be as private as you thought