- Hackers claim to sell millions of PayPal -Logins but experts have suspected
- The data set allegedly includes passwords, e emails and URLs for automated attacks
- Experts say the leaked sample is too small to confirm authenticity and its low prices raise doubts about its legitimacy
Hackers recently announced on a well-known forum that they were selling a 15.8 million stolen PayPal credentials, allegedly including login emails and plaintext passwords.
Cyber criminals claim that the information was stolen in May 2025, and the data set contains not only E emails and passwords, but also affiliated URLs, making it easier for criminals to automate legitimate tasks and launch identity theft -theft fraud.
They also claim that while many of the leaked passwords seemed unique and “strong looking”, a large part was recycled. If it is true, the value of the dump may be less than suggested.
Doubt about the infringement requirements
However, experts who examined the small test released to the public concluded that it was inadequate to verify the claims of the attackers and noted that if the violation really took place in May 2025, much of the usable data could have already been exploited.
Interestingly, the pricing of the alleged database is surprisingly low, which raises further doubts about its authenticity.
Historically, the chair is commanding data data pamers much higher prices on the dark web.
However, PayPal quickly denied any new violation, instead of pointing to a “security event” from 2022, which involved the credentials of filling and resulted in regulators offering the company earlier this year.
This event experienced only 35,000 accounts exposed to far from the millions now required by attackers.
Skeptics claim that the resemblance between the alleged PayPal data set and the structure of infoTeals -malware -log files from an older event suggests bad game.
Infostealers are quietly harvesting passwords, cookies and other details from infected devices that often pack the data with a URL followed by login information.
It is quite common to find credentials listed in stealer logs circulating in dark web market sites, but these are not direct from PayPal’s system; They are from compromised user devices.
Whether this new requirement turns out to be genuine, the situation emphasizes how easy it is for user information to circulate when stolen.
Leaked login information can enable identity theft and financial fraud long after the original compromise.
Users who have recycled PayPal credentials on other platforms remain vulnerable to attacks.
How to remain safe
- Change your PayPal password and avoid reusing it across other services.
- Enable multi-factor approval to add an additional layer of security.
- Monitor accounts regularly for signs of identity theft or unusual activity.
- Use a strong internet security suite with firewall protection.
- Be careful with links and attachments that can carry infosteals -Malware.
- Consider dedicated identity theft surveillance services for additional protection.
Via Cybergenws
