Massive data breach sees 16 million PayPal accounts leaked online


Hackers recently announced on a well-known forum that they were selling a dataset of 15.8 million stolen PayPal credentials, allegedly including login emails and plaintext passwords.

The cybercriminals claim the information was stolen in May 2025, and the dataset contains not just emails and passwords but also associated URLs, making it easier for criminals to automate credential stuffing attacks and launch identity theft scams.

Read more…
Source: TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Massive Europcar data breach affects around 200,000 customers

    April 7, 2025

    Europcar has reportedly suffered a data breach in which it lost sensitive data on hundreds of thousands of customers. A threat actor with the alias ‘Europcar’ posted a new thread in an underground forum, claiming to have “successfully breached Europcar’s systems and obtained all their GitLab repositories”. As a result, the attacker took more than 9,000 ...

  • Security firm Check Point confirms data breach, but says users have nothing to worry about

    April 1, 2025

    A hacker is claiming to have stolen a “highly sensitive” dataset from Check Point – but the company is looking to play down any concerns users might have. The cybercriminal, going by the name of CoreInjection, posted about the dataset of compromised Check Point files on a cybercrime forum – and alleges that the information contains ...

  • GCHQ worker admits taking top secret data home

    March 31, 2025

    A former GCHQ intern has admitted risking national security by taking top secret data home with him on his mobile phone. Hasaan Arshad, 25, pleaded guilty to an offence under the Computer Misuse Act on what would have been the first day of his trial at the Old Bailey in London. The charge related to committing ...

  • Oracle grapples with dual data breaches

    March 31, 2025

    Oracle is dealing with the fallout of a double data breach — one exposing patient data at US hospitals, and another raising concerns about its cloud security. Reports over the weekend suggest a breach at Oracle Health, formerly known as Cerner, has impacted multiple US healthcare organisations and hospitals. Threat actors are believed to have stolen ...

  • UK: NHS software provider fined £3m over data breach after ransomware attack

    March 27, 2025

    An NHS software provider has been fined £3m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS. The Advanced Computer Software Group was fined for a breach that put personal information of 79,404 people at risk, the UK’s data protection watchdog said. The firm provides IT and ...

  • UK MoD probes security breach after documents relating to Catterick Garrison found dumped in street

    March 26, 2025

    The Ministry of Defence is investigating after a cache of documents containing sensitive military information was found discarded in the street. The papers, some marked “official – sensitive”, were discovered spilling out of a black bin bag in the Scotswood area of Newcastle on March 16 . The BBC reported that they include details about soldiers’ ...