PayPal

PayPal is notifying 1000 users of data breaches because their accounts were compromised as a result of credential stuffing assaults.

Threat actors gained access to user names, addresses, Social Security numbers, personal tax identification numbers, dates of birth, and, of course, transaction histories. The corporation is sending breach notification letters to the impacted clients.

When users log in to their accounts for the next time, PayPal will force them to create new passwords as it has reset the passwords of the affected accounts.

In addition to fraud warnings and up to $1 million in identity theft insurance coverage for a specific list of out-of-pocket expenses brought on by identity theft, the financial technology business is providing two years of Equifax identity monitoring services to the affected clients.

Source: https://securityaffairs.com/141072/data-breach/paypal-data-breach-credential-stuffing.html

TPRM report: https://scoringcyber.rankiteo.com/company/paypal

"id": "pay225181023",
"linkid": "paypal",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': 1000,
                        'industry': 'Financial Services',
                        'name': 'PayPal',
                        'type': 'Financial Technology Company'}],
 'attack_vector': 'Credential Stuffing',
 'customer_advisories': 'Breach Notification Letters',
 'data_breach': {'number_of_records_exposed': 1000,
                 'personally_identifiable_information': ['User Names',
                                                         'Addresses',
                                                         'Social Security '
                                                         'Numbers',
                                                         'Personal Tax '
                                                         'Identification '
                                                         'Numbers',
                                                         'Dates of Birth'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information',
                                              'Transaction Histories']},
 'description': 'PayPal is notifying 1000 users of data breaches because their '
                'accounts were compromised as a result of credential stuffing '
                'assaults.',
 'impact': {'data_compromised': ['User Names',
                                 'Addresses',
                                 'Social Security Numbers',
                                 'Personal Tax Identification Numbers',
                                 'Dates of Birth',
                                 'Transaction Histories'],
            'identity_theft_risk': 'High'},
 'initial_access_broker': {'entry_point': 'Credential Stuffing'},
 'motivation': 'Financial Gain, Data Theft',
 'post_incident_analysis': {'corrective_actions': 'Password Reset, Fraud '
                                                  'Warnings, Identity Theft '
                                                  'Insurance',
                            'root_causes': 'Weak or Reused Passwords'},
 'response': {'communication_strategy': 'Breach Notification Letters',
              'containment_measures': 'Password Reset',
              'remediation_measures': 'Fraud Warnings, Identity Theft '
                                      'Insurance',
              'third_party_assistance': 'Equifax Identity Monitoring Services'},
 'title': 'PayPal Data Breach Due to Credential Stuffing Attacks',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Weak or Reused Passwords'}

PayPal

Lazarus Naturals

Estes Forwarding Worldwide

Synnovis