Total Tests:

PayPal: 35,000 customers breached in credential stuffing attack

By Dev Kundaliya for Computing
Friday, January 20, 2023

People who use same passwords across many online sites are recommended to change to unique, secure passwords for each one. A strong password often has at least 12 characters, including symbols and alphanumeric characters.

Commenting on the incident, Ilia Kolochenko, founder of ImmuniWeb and a member of Europol Data Protection Experts Network, said: "It is at least surprising why MFA authentication is not enforced by default for such a sensitive service as PayPal."

"Moreover, any unusual activity, such as login from an unknown location or new device should be rapidly reported to the user and the account may be temporarily suspended unless the user takes an action.

"Modern MFA technologies cost almost nothing to implement and should be enabled by default by financial service providers as a foundational security control. In the meantime, all users should urgently enable MFA everywhere, especially in view of the recent LastPass data breach." Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential