AA
Vienna-Mail Lehrstellen Jobs
Anmelden

English News

Data Theft: 16 Million PayPal Logins Published

19.08.2025 17:56 (Akt. 19.08.2025 18:00)
Ein Hacker bietet fast 16 Millionen PayPal-Zugangsdaten im Darknet an. IT-Experten raten zur Passwort-Änderung und Vorsicht bei Phishing.
Ein Hacker bietet fast 16 Millionen PayPal-Zugangsdaten im Darknet an. IT-Experten raten zur Passwort-Änderung und Vorsicht bei Phishing. ©Julio Lopez/Pexels
An alleged hacker is offering nearly 16 million stolen PayPal login credentials on the dark web. The authenticity of the dataset is not fully verified – security researchers still advise caution.

A gigantic data leak currently endangers millions of PayPal users worldwide: A comprehensive dataset with allegedly 15.8 million PayPal login credentials has surfaced on the dark web. The offer is reportedly made by a user with the pseudonym "Chucky_BF," who is selling the stolen information for 750 US dollars. The data is said to have been stolen as early as May 2025.

Data Originates from Various Countries

According to initial analyses, the 1.1-gigabyte dataset contains email addresses from well-known providers like Gmail, Yahoo, or Hotmail, as well as domains from different countries. Passwords are also reportedly available in plain text – many of them reused multiple times. This increases the risk that criminals could also access other online accounts of the affected individuals. The dataset also includes URL references to login pages, which facilitates targeted phishing campaigns.

Authenticity Still Unclear

Whether these are entirely new or partially reused data from older leaks is currently not confirmed. Security researchers from the portal "Hackread" have already been able to view parts of the leak and found test accounts as well as duplicate entries. PayPal itself has not yet commented on the incident. According to current knowledge, there was no direct data leak at the payment service provider.

Infostealer Likely in Use

The likely cause is so-called infostealer malware, which steals login credentials directly from infected devices. Such malware can read stored passwords and forward them to third parties – without users noticing.

Recommended Protective Measures

Even though PayPal offers two-factor authentication (2FA) by default and thus provides a certain level of protection, IT security experts recommend changing the password. Users can also check services like haveibeenpwned.com to see if their email address has been affected by a leak. Modern password managers from Google or Apple also automatically warn of known security vulnerabilities.

This article has been automatically translated, read the original article here.

  • VIENNA.AT
  • English News
  • Data Theft: 16 Million PayPal Logins Published
    • Open preferences.
    Kommentare
    Kommentare
    Grund der Meldung
    • Werbung
    • Verstoß gegen Nutzungsbedingungen
    • Persönliche Daten veröffentlicht
    Noch 1000 Zeichen
    Datenschutzerklärung und Widerrufshinweise
    Open preferences.
    VIENNA.AT ©2025

    Präferenzen

    AGB
    Datenschutzerklärung
    Impressum