PayPal has started shipping data breach alerts to thousands of users. Hackers managed to gain access to their accounts through attacks credential stuffing attacks.
Η γέμιση διαπιστευτηρίων (credential stuffing attacks) είναι επιθέσεις όπου οι hacker προσπαθούν να αποκτήσουν πρόσβαση σε έναν λογαριασμό δοκιμάζοντας ονόματα χρήστη και κωδικούς πρόσβασης που προέρχονται από διαρροές data on various websites.
Αυτός ο τύπος επίθεσης πραγματοποιείται αυτόματα με scripts που τρέχουν λίστες διαπιστευτηρίων για να “συμπληρώσουν” φόρμες σύνδεσης σε διάφορες υπηρεσίες. Το γέμισμα διαπιστευτηρίων στοχεύει χρήστες που χρησιμοποιούν τον ίδιο code πρόσβασης σε πολλούς διαδικτυακούς λογαριασμούς, μια συμπεριφορά που είναι γνωστή και σαν “recycling Password".
PayPal says these attacks occurred between December 6 and 8, 2022. The company detected and stopped them at that time. At the same time, an internal investigation was launched to find out how the hackers gained access to the accounts.
As of December 20, 2022, PayPal has completed its investigation, confirming that unauthorized third parties connected to the accounts with valid credentials.
The electronics platform payments claims that this was not due to a breach of its systems and has no evidence that any other user credentials were leaked by the attack.
But according to PayPal's breach report, 34.942 of its users have been affected by the incident. Over the course of two days, the hackers accessed account holders' full names, dates of birth, mailing addresses, social security numbers and tax ID numbers.