PayPal hacker attack exposes customers’ names and social security numbers

Last Thursday, PayPal began notifying nearly 35,000 of its customers that their accounts had been hacked between December 6 and 8. During the two days, PayPal claimed that no money was stolen from anyone.

Click for KURT’s online newsletter with quick tips, tech reviews, security alerts, and how-tos to make you smarter.

What happened to the PayPal attack?

The hackers were still able to obtain personal and private information, including full names, dates of birth, physical addresses, Social Security numbers, and tax identification numbers. PayPal stopped the intrusion within two days, reset the passwords of the affected users and said no unauthorized transactions were attempted.

PayPal’s internal investigation revealed that hackers used a method known as credit stuffing to breach these victims’ accounts.
(Kurt Knutson)

How hackers hacked these accounts?

PayPal’s internal investigation revealed that hackers used a method known as credit stuffing to breach these victims’ accounts. Credential stuffing is when hackers use existing credentials already floating around the dark web to hack into private accounts. They use bots with lists of usernames and passwords obtained in previous data breaches and try to use the credentials on multiple online services in the hope that customers haven’t changed their passwords recently. This is where those who use the same passwords across different accounts can get into big trouble.


To learn more about how to tell if your passwords have been hacked, head over to and search for “were your passwords hacked” by clicking the magnifying glass at the top of my website.

What if my PayPal account is hacked?

If you are a victim of this PayPal attack, PayPal should have already reset your password. When you go to create a new password, make sure it is a strong password with uppercase and lowercase letters, numbers, and symbols. The company is also offering victims two years of free identity monitoring from Equifax.

How to protect yourself from hackers in the future

Although PayPal is working hard to help the victims of this vicious attack, there are steps you can take to ensure that something like this never happens to you.

  • Create strong passwords and don’t use the same words with multiple accounts: You can learn more about creating strong passwords and managing great passwords here
  • Use two-factor authentication: Take advantage of two-factor authentication for whatever services you use that they provide. This is an extra step that will keep a hacker away from your private information even if they get their hands on your login credentials.

How cash payment app scams lead to money scams

Were you affected by the PayPal breach? We’d love to hear from you.

For more of my security tips, sign up for the free CyberGuy Report newsletter by clicking the “Free Newsletter” link at the top of my website.

Click here for the FOX NEWS app

Copyright 2023 All rights reserved. articles and content may contain affiliate links that earn commission when purchases are made.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *