Thousand of Paypal users had their information expose

Every day more of us prefer to do business using alternative methods of payment , Paypal is one of that options, in fact  this American multinational financial technology company ,Established in 1998, operate an online payments system in the majority of countries that support online money transfers, and serves as an electronic alternative to traditional paper methods such as checks and money orders.



These kind of services are by law required to obtain a lot of personal information from its users, in the process called KYC or Know your customer, those sensitive information must be resguard by the platform as part of the confidentiality, agreement but for almost 35k users of Paypal there is bad news. As the official communication of paypal state, that from December 6 to December 8, the company had a security breach and information as  names, addresses, Social Security Numbers, individual tax identification numbers and dates of birth of those users was compromise and PayPal is sending a data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks that exposed these personal data.

Credential stuffing are attacks where hackers attempt to access an account by trying out username and password pairs sourced from data leaks on various websites.

Paypal found out about the security breach on December 20th, they reset the passwords of the affected  accounts and implemented enhanced security controls that will require establishing a new password the next time the users log in to your account. Also as compensation impacted users will receive a free-of-charge two-year identity monitoring service from Equifax.

Have you ever been a victim of a security hack?