Tom's Guide
A dataset allegedly containing 15.8 million stolen PayPal credentials, including login emails and plaintext passwords, was posted to a well-known data leak forum this week. Hackers claim the data was stolen in May 2025, but PayPal denies this. In a statement to Tom's Guide, PayPal said the exposed information is related to a "security incident" back in 2022, and not the result of a new breach. Either way, now is as good a time as any to reset your PayPal password just to be safe.
That's because the cybercriminals behind the forum post claim to not only have emails and passwords but also associated URLs, information that could streamline automated credential-stuffing attacks and fuel identity theft schemes. As first reported by Cybernews, the hackers claim the dataset contains thousands of
Reuters US Top
PC World
PC World Business
InForum
Deadline Business
New York Post
The Motley Fool
Colorado Springs Gazette
New York Post Lifestyle
AlterNet