PayPal data breach exposed 35000 PayPal accounts
By MYBRANDBOOK
PayPal suffered a significant credential-stuffing attack in December last year that compromised the sensitive personal information of close to 35,000 customer accounts. Credential stuffing are attacks where hackers attempt to access an account by trying out username and password pairs sourced from data leaks on various websites.
PayPal explains that the credential stuffing attack occurred between December 6 and December 8, 2022. For the two days the attack was running, hackers had access to all sorts of personal information, including full names, birth dates, address, social security numbers, and tax identification. They could also see PayPal transaction details that include credit card and bank information.
The company detected and mitigated it at the time but also started an internal investigation to find out how the hackers obtained access to the accounts. By December 20, 2022, PayPal concluded its investigation, confirming that unauthorized third parties logged into the accounts with valid credentials.
The electronic payments platform claims that this was not due to a breach on its systems and has no evidence that the user credentials were obtained directly from them. According to the data breach reporting from PayPal, 34,942 of its users have been impacted by the incident. During the two days, hackers had access to account holders' full names, dates of birth, postal addresses, social security numbers, and individual tax identification numbers.
The company strongly recommends that recipients of the notices change the passwords for other online accounts using a unique and long string. Typically, a good password is at least 12-characters long and includes alphanumeric characters and symbols.
Moreover, PayPal advises users to activate two-factor authentication (2FA) protection from the 'Account Settings' menu, which can prevent an unauthorized party from accessing an account, even if they have a valid username and password.
Happiest Minds brings in an innovative GenAI chatbot
Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...
Government mandates encryption for CCTV cameras to ensure netw
In the wake of issuing an internal advisory on securing CCTV cameras at g...
TRAI recommends allowing only Indian entities to participate i
The Telecom Regulatory Authority of India (TRAI) has recommended that onl...
Galaxy AI is available on more devices with Samsung One UI 6.1
Samsung has expanded the range of smartphones to which One UI 6.1 and Gala...
BEETEL TELETECH LTD.
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
TATA CONSULTANCY SERVICES
TP-LINK INDIA PVT LTD.
Technology Icons Of India 2023: Ashish Kumar Chauhan
Ashish works as the CEO of the National Stock Exchange (NSE). He is al...
Technology Icons Of India 2023: Aalok Kumar
Aalok continues to lead the India business and further strengthen Indi...
Technology Icons Of India 2023: Shailender Kumar
Shailender Kumar is senior vice president and regional managing direct...
BBNL empowering rural India digitally
BBNL provide high speed digital connectivity to Rural India at afforda...
DRDO is India's largest and most diverse research organisation
DRDO is the R&D wing of Ministry of Defence, Govt of India, with a vis...
HPCL is transforming the energy landscape, across the nation and beyond
HPCL is world-class energy company known for caring and delighting the...
IRIS GLOBAL SERVICES PVT. LTD.
Iris Global services is one of the leading distribution houses that d...
ACCERON INFOSOL PVT. LTD.
It is a leading value added distributor in the IT security space and h...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...