The Limited Times

Now you can see non-English news...

PayPal accounts hacked: access to personal information of 35 thousand users


The electronic payment company issued a statement to warn its users. What to do preventively.


issued a warning to a group of its customers about the status of their accounts, in particular regarding a security breach.

As they recognized from the American virtual wallet, 

cyber attackers violated the profiles

and some confidential data was compromised.

The company confirmed that on December 20, 2022, an unauthorized third party accessed several PayPal accounts.

According to the first investigations, they discovered that the person responsible for the attack managed to enter between December 6 and 8, 2022.

"During this time, unauthorized third parties were able to view and potentially

acquire certain personal information

for certain PayPal users," the warning reads.

That data includes

usernames, addresses, US Social Security

numbers, individual tax identification numbers, and/or dates of birth.

From the virtual wallet they have not yet explained exactly how the attackers managed to access these accounts, other than stating that

there is "no evidence"

that the login credentials were taken from the company's systems.

How the cyberattack against PayPal was perpetrated

PayPal has more than 200 million users worldwide.

Photo Reuters

The specialized site BleepingComputer reported that the breach is the result of credential stuffing, a type of attack in which hackers "stuff" the login page with numerous keys taken elsewhere

until one finally works


This method relies on people

using the same passwords across multiple services

, so if one is breached, all the others are at risk.

The same report also claims that

34,942 accounts were compromised

and that transaction histories, connected credit or debit card details, and billing data stored by PayPal were likely also accessed.

At the moment there is no indication of what the hackers will do with the data obtained in the attack.

At this time, PayPal does not have any evidence that the data has been used, but it is safe to assume that it could well be used by cybercriminals in 


 or spoofing attacks, as well as other forms of social engineering attacks.

To protect its users, PayPal claims to have reset the passwords of affected users and "enhanced security controls" that require them to set up a new account at their next login.

In addition, in the form of compensation, users received one year of free identity monitoring services through Equifax, a US credit company.

Strong passwords, the key to prevent cybercriminals from violating the security of an account.

Photo: Shutterstock

To do

On the other hand, the company recommends that the recipients of the notices

change the passwords

 using a unique and long chain, more robust, to avoid new incidents.

Generally, a good password is at least 12 characters long and includes alphanumeric characters and symbols.

In addition, PayPal advised that they

turn on two-factor authentication protection

 from the 'Account Settings' menu, which can

prevent an unauthorized user from accessing an account, even if they have a valid username and password.

look also

How to shield yourself against cyberattacks: from the "digital condom" to FIDO keys and encrypted disks

How to know if your cell phone has been tapped and what to do to protect yourself

Source: clarin

All tech articles on 2023-01-20

You may like

Life/Entertain 2023-03-28T09:12:46.663Z
News/Politics 2022-12-27T17:19:53.066Z

Trends 24h

Tech/Game 2023-03-27T10:24:30.255Z


© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.