35,000 PayPal accounts breached - is Yours One of Them? (Updated)

Captain Holly

Level 5
Verified
Well-known
Jan 23, 2021
227
I use Bitwarden, first day or two I thought the same, but once you figure out how it works its so easy. Basically you log in, go to a site, click on that site in BW and it logs you in. Give it a chance and figure it out, you will love it.
Thanks, I might try it again tomorrow when I am not tired.
 

Digmor Crusher

Level 23
Verified
Top Poster
Well-known
Jan 27, 2018
1,237
Thanks, I might try it again tomorrow when I am not tired.
Yes, I used Lastpass for years and when I switched I thought BW was junk and would last about a day before I uninstalled, but I gave it a chance and learned how it works. Now its so simple and convenient I wouldn't go without.
 

R2D2

Level 6
Verified
Well-known
Aug 7, 2017
267
BW as a discovery has been a great alternative to Lastpass. In fact, given its low subscription pricing, open source nature + self hostable, it is a great solution for those people for a PM solution.

I could recommend 1Password or Dashlane but they way more expensive though the UI is much better. Non geeks/noobs would prefer 1PW or Dashlane. These 2 solutions are better in information sharing functionalities when you've taken a family subscription. But then BW offers a sharing functionality for free..just among 2 persons for e.g. between spouses. All have their +ves and -ves.

I have been a subscriber to BW Premium since 2017 (thank you MWT...I keep saying this) and happy to say that every dollar donated to these guys is more than worth it.
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
I am not logged into paypal permanently and when I finish I actually log out, people ussually just close the page, but that keeps the potentially stolen session open.
But paypal is partially to blame, they allow only 20 characters long passwords. Not to mention they use Google CDN for something as sensitive as 2FA.
 

Attachments

  • capture_01222023_134346.jpg
    capture_01222023_134346.jpg
    145.6 KB · Views: 70
Last edited:

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Yes, I used Lastpass for years and when I switched I thought BW was junk and would last about a day before I uninstalled, but I gave it a chance and learned how it works. Now its so simple and convenient I wouldn't go without.
I second this.
BW as a discovery has been a great alternative to Lastpass. In fact, given its low subscription pricing, open source nature + self hostable, it is a great solution for those people for a PM solution.
The self-hosting option is well worth considering. Keepass/KeepassXC are also worth considering.
20-character randomly-generated paswords are more than enough.
:unsure:;)
 
  • Like
Reactions: vtqhtr413

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
"PayPal recently notified thousands of its customers that their accounts were breached by hackers, leaving their Social Security Numbers and other key pieces of personal information exposed as a result.
Sources report, that the attack involved “credential stuffing,” where hackers gather lists of usernames and passwords sourced from the dark web or from data breaches—and then “stuff” those credentials into login systems, giving them access to those accounts.
This form of attack is particularly dangerous for people who re-use passwords across their accounts, as hackers can steal a password from one account and use it to access others.
It is reported that PayPal notified users affected by this attack on January 18th with an email since made available online. The email states that,
“Based on PayPal’s investigation to date, we believe that this unauthorized activity occurred between December 6, 2022, and December 8, 2022, when we eliminated access for unauthorized third parties. During this time, the unauthorized third parties were able to view, and potentially acquire, some personal information for certain PayPal users.”
PayPal further detailed the information exposed (emphasis ours):
The personal information that was exposed could have included your name, address, Social Security number, individual tax identification number, and/or date of birth.
The email went on to say that PayPal reset the passwords of the affected accounts and will require affected users to establish a new password the next time they log in to their accounts......"
 
  • Like
Reactions: Gandalf_The_Grey

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Just turned on 2FA as well. As an extra layer of protection! This article is a great heads-up, thanks for sharing and so glad I came back to this forum. I really need to stay up to date with these things.

~LDogg
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Just turned on 2FA as well. As an extra layer of protection! This article is a great heads-up, thanks for sharing and so glad I came back to this forum. I really need to stay up to date with these things.

~LDogg
I get that, there are periods when I simply don't have the time to spend on MT and other malware/security/privacy sites, then when I do spend time here I am grateful for the information and expertise shared here by our peers. When its cold and grey outside like it has been recently I'm more likely to be here, yet the bad boys, girls and bots don't slow up, so when its warmer outside that is usually when I have much catching up to do.
 
  • Like
Reactions: Gandalf_The_Grey

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I get that, there are periods when I simply don't have the time to spend on MT and other malware/security/privacy sites, then when I do spend time here I am grateful for the information and expertise shared here by our peers. When its cold and grey outside like it has been recently I'm more likely to be here, yet the bad boys, girls and bots don't slow up, so when its warmer outside that is usually when I have much catching up to do.
Think I'll have to stay on here further, the more info you're to date with, the better you can protect yourself as well, the main surface point of normal protection is the user. Makes sense to keep up to date with trends and breaches. I'm always grateful for the information here, as always.

~LDogg
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top