Particle.news
Download on the App Store
11 ARTICLES
·
41m ago

Alleged Sale of 15.8 Million PayPal Logins Prompts Security Warnings as Experts Doubt Origin

Early samples show a mix of real accounts, test accounts, fake accounts.

Image
Im Darknet werden derzeit Zugangsdaten von rund 15,8 Millionen PayPal-Nutzer zum Verkauf angeboten. (Symbolbild)
Derzeit werden 15,8 Millionen Zugänge von Paypal-Kunden zum Kauf angeboten. (Symbolbild)

Overview

  • A seller using the alias Chucky_BF is listing a 1.1 GB cache said to contain 15.8 million PayPal email–password pairs dated May 6, 2025, for about $750.
  • The post claims plaintext passwords and includes PayPal-related URLs, with the seller pitching uses for phishing, credential stuffing and fraud.
  • Hackread’s spot checks found duplicates and test or fake entries, though some records appeared authentic.
  • Security specialists, including Have I Been Pwned founder Troy Hunt, say the trove likely stems from infostealer malware, credential-stuffing activity or recycled leaks rather than a breach at PayPal, which does not store plaintext passwords.
  • PayPal had not issued a public statement at publication time, and users are urged to monitor for suspicious activity, change reused passwords and enable two-factor authentication or passkeys.