Today someone posted credentials for 1300 PayPal accounts on Pastebin. We tried to verify them, but after one unsuccessful attempt our IP address was blocked by PayPal. This could mean that the leak is original and PayPal is aware of it.
Hackers claim they have obtained credentials for 23,873,667,087 PayPal accounts. This post was spotted by our scanner at 2015-12-01 08:05:22 (GMT+1). If this is true, the only way to collect such amount of accounts is to hack PayPal.
Anyway, if your account is in the list, we recommend changing your passwords for everything and checking your computers for malware.
The original link is here: http://pastebin.com/bswiV5LY
Update 2015-12-02
According to Steve Ragan, PayPal is investigating this issue:
"A PayPal spokesperson has stated that the company's security professionals have looked into the reports that our customer accounts were compromised, and we can confirm the reports are inaccurate.
However, we've asked for additional clarification, because there is a chance that those accounts were tied not to PayPal directly, but to something related to PayPal and a third-party. We've asked PayPal to confirm that none of the accounts given to them to check are active PayPal customers, nor have they ever been associated with a PayPal product or service."
Have a nice day!
Monitoring & Alerting Services
Cybersecurity Help s .r.o.
http://www.s-help.com
