1 December 2015

PayPal hacked? 1300 PayPal accounts posted on Pastebin

PayPal hacked? 1300 PayPal accounts posted on Pastebin

Today someone posted credentials for 1300 PayPal accounts on Pastebin. We tried to verify them, but after one unsuccessful attempt our IP address was blocked by PayPal. This could mean that the leak is original and PayPal is aware of it.

Hackers claim they have obtained credentials for 23,873,667,087 PayPal accounts. This post was spotted by our scanner at 2015-12-01 08:05:22 (GMT+1). If this is true, the only way to collect such amount of accounts is to hack PayPal.

Anyway, if your account is in the list, we recommend changing your passwords for everything and checking your computers for malware.

The original link is here: http://pastebin.com/bswiV5LY

Update 2015-12-02

According to Steve Ragan, PayPal is investigating this issue:

"A PayPal spokesperson has stated that the company's security professionals have looked into the reports that our customer accounts were compromised, and we can confirm the reports are inaccurate.
However, we've asked for additional clarification, because there is a chance that those accounts were tied not to PayPal directly, but to something related to PayPal and a third-party. We've asked PayPal to confirm that none of the accounts given to them to check are active PayPal customers, nor have they ever been associated with a PayPal product or service."

Have a nice day!
Monitoring & Alerting Services
Cybersecurity Help s .r.o.
http://www.s-help.com

Back to the list

Latest Posts

Microsoft patches for June 2018

Microsoft patches for June 2018

50 vulnerabilities patched, some of them are potentially wormable.
13 June 2018
VPNFilter, attacks on routers and why external scanning is essential for security

VPNFilter, attacks on routers and why external scanning is essential for security

How to protect your router from VPNFilter and other attacks.
8 June 2018
New zero-day in Adobe Flash Player heavily exploited in the Middle East

New zero-day in Adobe Flash Player heavily exploited in the Middle East

Users in Doha and Qatar suffered from a targeted attack.
7 June 2018