padlock on a background of 0s and 1s

Another day, another major security breach. Following in the footstep of Twitter and Experian, on Thursday PayPal began notifying nearly 35,000 users that their accounts were breached between December 6 and 8.

What’s different here is the method attackers used to crack the accounts. PayPal itself wasn’t hacked. Instead, the baddies used an attack known as credential stuffing—leveraging previously leaked login information that people reused for their PayPal accounts.

Read More