15.8 million identifiers and Paypal passwords are in nature: real leak or intoxication?
2025 will have been a dark year for personal data of many users as the major service cyber attacks have multiplied. But in the midst of proven attacks, small clever people try to take advantage of it to take advantage of a lower effort. Perhaps this is the case of the case of the day, but, in doubt, do not hesitate to change your Paypal password and to add the double authentication.
Paypal victim of a massive leak?
On a forum dedicated to hackers, a cybercriminal by the name of Chucky_BF puts for sale at most offering 1.1 GB of data composed of 15.8 million identifying couples (Gmail, Yahoo and Hotmail addresses in particular) and passwords of the payment platform. He claims that this base comes from a massive leak from Paypal dating from May 2025, with information displayed in clear.
Advertisement
However, Paypal denies this breach and ensures that this data comes from an incident dating from 2022. In addition, Troy Hunt, the security researcher at the origin of the Have I Been Pwned site, tells him that the passwords in clear cannot come from Paypal, questioning the veracity of the hack.
It also evokes the possibility that the data has been recovered otherwise, and the theory of a connection data mixture obtained via different techniques on several platforms is plausible.
While waiting to be fixed, do not hesitate to change your PayPal password and, as usual, to use different passwords on each service. The use of a password manager has never been so relevant.
