Criminals Access More than 30,000 PayPal Accounts
PayPal has informed its customers that a number of accounts were compromised at the end of December. The company promptly reset all affected users' passwords and said it found no indication of a system breach.
It's easy to imagine why PayPal accounts are such valuable targets for criminals, given that they deal with currency transfers and direct payments, not to mention integration with other banking systems.
PayPal has revealed in a report that third parties have accessed and viewed information on a number of users. While the number of impacted customers wasn't revealed in the initial report, according to SecurityWeek, PayPal informed the Maine Attorney General that 34,942 people were affected.
The company explained that its systems were intact and that attackers likely obtained the credentials via other means, like phishing. A roughly estimated 20% of people reuse the same credentials on multiple online accounts, so it's also possible that the login information used to access PayPal accounts comes from a data breach with no relation to PayPal itself.
"Based on PayPal's investigation to date, we believe that this unauthorized activity occurred between December 6, 2022, and December 8, 2022, when we eliminated access for unauthorized third parties," the company explained. "During this time, the unauthorized third parties were able to view, and potentially acquire, some personal information for certain PayPal users."
"We have no information suggesting that any of your personal information was misused as a result of this incident, or that there are any unauthorized transactions on your account. There is also no evidence that your login credentials were obtained from any PayPal systems," the company added.
The passwords of all affected users have been reset, which means they have to set up new ones. Let's hope they'll create a unique password not used for any other online service. Also, setting up two-factor authentication should be the mandatory second step.
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022