PayPal gets stuffed by large-scale credential attack

Yesterday PayPal began sending out data breach notifications to thousands of its users who have had their accounts accessed via credential stuffing attacks which exposed some personal data. BleepingComputer reports that almost 35,000 accounts were compromised in the attack which took place between December 6 and December 8, 2022. PayPal says it has taken action to limit intruders access and to reset the passwords of breached accounts. 'We have no information suggesting that any of your personal information was misused as a result of this incident, or that there are any unauthorized transactions on your account,' reads the company's notice… [Continue Reading]