PayPal is one of the most commonly used e-wallets globally. It is a convenient way to send and receive money, even if it has high fees. Unfortunately, over 35,000 accounts were compromised in late December, mainly due to users failing to do their job.
PayPal Account Security is Paramount
When using online services, users need to take ample precautions. Whether it is a PayPal or a crypto exchange, unique passwords and two-factor authentication are necessary. Unfortunately, many people still don’t take these matters seriously. That became apparent when PayPal informed 35,000 users about account breaches. The incidents occurred between December 6-8, 2022.
Contrary to what some may think, there was no genius trick by the hackers to compromise these accounts. Instead, they used credential stuffing. That differs from attacking PayPal directly or relying on new phishing scams. Hackers could leverage previously obtained email addresses and password combinations through credential stuffing. Many people reuse these login details across platforms, creating tremendous security risks.
Users who had their accounts exposed shared personal information with the hackers. That includes full names, dates of birth, addresses, social security numbers, and tax identification numbers. In addition, data regarding linked payment cards and bank accounts may have been obtained. It is remarkable how things have gotten so out of hand due to user error. People should know better than to reuse login credentials.
Although PayPal’s team reset passwords for affected accounts, the damage was done. Thankfully, no unauthorized transactions took place. That confirms all user funds are safe, even though things could have gone very differently. Users also receive two years of credit monitoring to further ensure their details aren’t abused. Again, however, it all could have been avoided if users had taken the necessary precautions.
Emphasize Account Security
The convenient solution is for people to use the same login and password for all services. In reality, that is the worst approach. Every platform should have a unique account password. Managing such credentials is straightforward with one of the many password managers. There is no excuse for reusing the same credentials across multiple platforms.
In addition, these PayPal accounts were compromised because there was no two-factor authentication. It is very easy to set up 2FA, especially on a mobile device. Moreover, it is a good approach to all the online services one uses. Most platforms let users set up two-factor authentication. It should be made mandatory, especially for e-wallet providers. Unfortunately, that still isn’t the case in 2023 for unknown reasons.
None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.