
Examine whether you're impacted by the issue at hand

Unconfirmed large-scale PayPal account data theft prompts customer worry; an expert offers insights on the matter.


In a concerning development, a criminal has claimed to have obtained around 16 million PayPal login credentials, including plaintext passwords, and is offering the data for sale in an underground forum.

Consumers who fear their login credentials may have been compromised are advised to check if their email appears on Have I Been Pwned. This service maintains a database of breached login credentials and can help individuals determine if their information has been exposed.

If a search yields one or more hits, affected users should change their password with the respective service immediately. It's also recommended to regularly check and change possibly compromised passwords to stay ahead of potential attackers.

The Federal Office for Information Security (BSI) recommends using a password manager to manage complex passwords. Storing passkeys in a password manager provides a universal and independent solution for key storage. Passkeys can be stored on a security USB stick (FIDO2) for added security.

Passkeys require approval for use, often through biometric means such as a fingerprint. They enable passwordless login via a cryptographic key pair, making them less vulnerable to theft, guessing, or forgetting.

Dirk Knop from the Heise service department finds it unlikely that the data was recently obtained from PayPal.

If suspicious activities are discovered on one's account, contacting PayPal immediately and filing a report with the local police or the web watch of one's respective federal state is advised. Saving account statements and taking screenshots can be helpful when reporting suspicious activities.

In addition to Have I Been Pwned, the Identity Leak Checker of the Hasso-Plattner-Institut (HPI) can be used to check whether login credentials have been exposed. According to the BSI, a password notebook can also be used for safer online activities.

Logging in directly on the PayPal website to check transactions can be useful. Keeping a close eye on account activities and promptly reporting any suspicious activities is key to maintaining online security.

Stay vigilant and stay secure!
