- Computer pirates claim to be selling millions of PayPal session, but experts suspect that the dirty game
- The data set supposedly includes passwords, emails and URL for automated attacks
- Experts say that the leaked sample is too small to confirm authenticity, and its low price shows doubts about its legitimacy
The hackers recently announced in a well -known forum that were selling a data set of 15.8 million PayPal stolen credentials, which allegedly included session emails and text passwords without format.
Cybercriminals claim that the information was stolen in May 2025, and the data set contains not only emails and passwords, but also associated URLs, which facilitates criminals to automate credentials attacks and launch identity robbery scams.
They also claim that, although many of the filtered passwords seemed unique and “strong -looking”, a large part was reused. If it is true, the value of the dump can be smaller than the suggested.
Doubts about violation claims
However, experts who examined the small sample published to the public concluded that it was insufficient to verify the claims of the attackers, and pointed out that if the violation really occurred in May 2025, much of the usable data could already have been exploited.
Interestingly, the price established for the alleged database is surprisingly low, which raises more doubts about its authenticity.
Historically, high quality stolen data commands much higher prices on the dark website.
However, PayPal quickly denied any new violation, instead of pointing out a “security incident” of 2022, which implied credentials of credentials and turned out that regulators multiplied the company earlier this year.
That event saw only 35,000 exposed accounts, far from the millions now claimed by the attackers.
The skeptics argue that the similarity between the alleged set of data from PayPal and the structure of the inforetaler malware records of a previous event suggests a dirty game.
Infantes infants harvest passwords, cookies and other details of infected devices, often packing the data with a URL followed by login information.
It is quite common to find credentials listed in the Stealer records that circulate in the dark web markets, but these are not directly from the PayPal system; They are compromised user devices.
Regardless of whether this new claim is genuine, the situation underlines how easy it is for user information to circulate once stolen.
The filtered login details can allow identity theft and financial fraud long after the original commitment.
Users who have reused PayPal credentials on other platforms remain vulnerable to attack.
How to stay safe
- Change your PayPal password and avoid reusing it in other services.
- Enable multifactor authentication to add an additional safety layer.
- Monitor the accounts regularly to obtain signs of identity theft or unusual activity.
- Use a strong Internet security suite with Firewall protection.
- Be careful with the links and attachments that can transport infant infant malware.
- Consider the dedicated identity theft monitoring services for greater protection.
Through Cybernews
