Overview
- The listing, attributed to a user calling themselves Chucky_BF, claims a 1.1 GB dataset compiled in May 2025 and is priced at about $750.
- PayPal has not confirmed any intrusion of its servers, and security researchers say a platform hack appears unlikely based on available evidence.
- Partial reviews reported by HackRead found duplicate entries as well as fake or test accounts, with many passwords in plaintext and apparently reused.
- Users are urged to check their email addresses via Have I Been Pwned or HPI’s Identity Leak Checker, change affected passwords, enable two‑factor authentication, and monitor PayPal transactions.
- Security guidance stresses unique passwords, the use of password managers, consideration of passkeys for stronger authentication, and reporting suspicious activity to PayPal and local police if fraud is suspected.