Massive data breach sees 16 million PayPal accounts leaked online


Hackers recently announced on a well-known forum that they were selling a dataset of 15.8 million stolen PayPal credentials, allegedly including login emails and plaintext passwords.

The cybercriminals claim the information was stolen in May 2025, and the dataset contains not just emails and passwords but also associated URLs, making it easier for criminals to automate credential stuffing attacks and launch identity theft scams.

Read more…
Source: TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Internet Archive data breach exposes more than 31 million user accounts

    October 11, 2024

    The Internet Archive, a popular digital library known for its Wayback Machine, was hacked and suffered a data breach that reportedly exposed 31 million user accounts. Founder Brewster Kahle confirmed in a post on the social media platform X that a cyberattack on Tuesday knocked the website offline. He also said that usernames, emails, and encrypted ...

  • API Security Exposed: The Role of API Vulnerabilities in Real-World Data Breaches

    October 10, 2024

    This Trend Micro research discusses real-world API vulnerabilities and shows the risks companies face every day. We start our journey with two popular API gateways: APISIX and Kong. The researchers found over 600 APISIX instances and hundreds of thousands of Kong gateways accessible online. Each one is a door waiting for attackers to knock. However, the ...

  • European government systems hit by air-gap malware attack

    October 9, 2024

    In the last five years, hackers managed to steal sensitive information from air-gapped systems belonging to different European governments on at least three separate occasions. An air-gapped system is a computer or network that is physically isolated from unsecured networks, such as the internet, to prevent unauthorized access and enhance security. Still, crooks managed to steal ...

  • MoneyGram data breach included Social Security numbers, government documents, bank and other sensitive data

    October 9, 2024

    MoneyGram is back online after a cybersecurity breach disrupted services and compromised personal information. Between September 20 and 22, an “unauthorized third party” accessed and acquired the personal data of certain MoneyGram customers, the company said, leaving users unable to access their accounts. The money-sending service provided an update this past Monday, confirming that systems are ...

  • Casio Faces Cyberattack: Service Disruptions and Delayed G-Shock Releases

    October 9, 2024

    Casio, a well-known Japanese electronics company, experienced a significant cyberattack on October 5th. The company reported that an unidentified third party illegally accessed its network, causing system failures and service disruptions. In a statement on October 8th, Casio expressed regret for the inconvenience this has caused to its customers and stakeholders. The company is actively investigating ...

  • British Columbia: Clients of Indigenous health authority react to ransomware attack

    October 9, 2024

    The First Nations Health Authority (FNHA) in British Columbia says it has concluded its investigation into a ransomware attack in May, but some clients remain concerned about the theft of their medical and personal information. The FNHA said it “uncovered evidence that health insurance plan billing data, procurement contracts, business contracts, FNHA budgets, cheques, information on ...