RaveDigger t1_j52ucfh wrote on January 20, 2023 at 12:27 AM

Reply to comment by fwubglubbel in PayPal says hackers accessed sensitive data of ~35K users, including addresses and social security numbers, in a credential stuffing attack in December 2022 by iingot

I made the mistake of taking payment for something using PayPal and I couldn't withdraw the money without giving them my SSN. Such fucking bullshit and now even worse that it's been leaked. This is why I didn't want to give you my SSN PayPal! Fuck you!

Suspicious_Ram t1_j5326qt wrote on January 20, 2023 at 1:23 AM

Just to make sure you understand, this is a credential stuffing breach. You would have had to use a shared password on PayPal and a different compromised site. If this does apply to you, you really need to think about changing all your passwords and make sure they’re unique per site or at least unique for each high level of risk site. IE banking, financial, isp/cellular, medical, email high risk. Social media medium. Forums low risk. Etc..

RaveDigger t1_j532ykm wrote on January 20, 2023 at 1:29 AM

Ahhh, thank you for the explanation. I'm probably safe because I use bitwarden to auto generate complex and unique passwords for anything important. I honestly don't even know my PayPal password.

Either way fuck them for holding my money ransom.

Suspicious_Ram t1_j5337sj wrote on January 20, 2023 at 1:31 AM

Yes, you’re safe then.