A Credential Stuffing Attack Affected PayPal Accounts

PayPal recently suffered a large-scale credential stuffing attack with thousands of accounts compromised with credential stuffing, a type of cyber attack which uses stolen usernames and passwords taken from other data breaches to gain access to online accounts. This article will explain Credential Stuffing and how PayPal accounts were affected by it.

Read: T-Mobile suffers an API data breach

What is Credential Stuffing?

Credential stuffing is a type of cyberattack that uses stolen usernames and passwords from other data breaches to gain access to online accounts. This attack targets websites and services that use weak or reused passwords, taking a list of stolen usernames and passwords and attempting to use them to gain access to as many accounts as possible.

The attacker usually uses automated tools to try different combinations of usernames and passwords. The attack is often successful because many users use the same username and password combination across several websites.

Around 35000 PayPal accounts were affected

The attack took place around December 6 and December 8, 2022, and the company acted quickly to mitigate the attack, but then, it started a full and deeper internal investigation because the access was strange: they needed to know how this happened. On December 20, 2022, the inquiry concluded with the following results: unauthorized third parties logged into the accounts with valid credentials.

They also checked that it was not a breach of its systems, and there was no evidence of using their credentials. According to their investigation, 34,942 of its users have been impacted on those two days, and the cybercriminals get a hold of full names, dates of birth, postal addresses, social security numbers, and individual tax identification numbers. 

“We reset the passwords of the affected PayPal accounts and implemented enhanced security controls that will require you to establish a new password the next time you log in to your account,” PayPal explains in their notification to affected users.

Users must use strong and unique passwords for every account to avoid credential stuffing attacks, and a password manager can help to generate and store strong passwords so they don’t have to remember them all.

In addition, they should enable two-factor authentication on all your accounts, if available, to add an extra layer of security, as the attacker will need to enter a code sent to your phone or e-mail address to gain access to the account.

Keep in touch with our blog to read the latest news and innovations in the cybersecurity world. 

Credential Stuffing

Photo by Marques Thomas on Unsplash.

Facebook: Eagle Tech Corp

Instagram: @eagletech_corp

Twitter: @eagletechcorp

LinkedIn: Eagle Tech

YouTube: Eagle Tech Corp

Cyber security & IT Managed Services

Table of Contents

Share this Article
Related Articles