35,000 PayPal users Breached

[Ice Tea]

PayPal says crooks accessed 34,942 customers' info

That passwordless option is looking really good right about now

www.theregister.com

PayPal did not inform law enforcement about the security snafu, according to the notification.

The financial goliath did not address The Register's questions on, among other things, why it didn't involve the cops and what are some of the enhanced security measures it has implemented since discovering the attack. Instead a spinner told us:

 

[VincentHanna]

Always use 2FA.

 

[Deleted member 77746]

Paypal is about to lay off 2000 people. Doesn't sound like the business is doing well any more.

Tech layoffs: PayPal cuts 2,000 jobs as global economy weakens

The online payments platform is the latest technology firm to cut costs as the global economy weakens.

www.bbc.co.uk

 

[mattyg]

Always use 2FA.

Means nothing to Paypal. If you lose your 2fa they'll just text your number instead.
Which is fantastic with the amount of Sim swap spoofs going on

 

[Lysander]

PayPal says crooks accessed 34,942 customers' info

That passwordless option is looking really good right about now

www.theregister.com

Fantastic. Especially when you consider that they are demanding photo ID from some users in order to regain access to their accounts.

My Twitch contract says I use Paypal, what can I do, I have to give them my ID. Not happy.

 

[tlrBeta]

Paypal is about to lay off 2000 people. Doesn't sound like the business is doing well any more.

Tech layoffs: PayPal cuts 2,000 jobs as global economy weakens

The online payments platform is the latest technology firm to cut costs as the global economy weakens.

www.bbc.co.uk

Rookie numbers.

Standard tech layoff right now

 

[NickK]

In the UK there's an identity check app from the government. I know I had to use it recently. It could solve their issues without making a pool of photo IDs that is even more attractive to hackers.

 

[NickK]

Rookie numbers.

Standard tech layoff right now

A certain bank did 7,000 then 40,000 at once a while back - basically 50K as a major adjustment due to financial results looking grim. So techs are simply adjust to outlooks.

 

[glenimp617]

Paypals 2FA has never worked properly, nor does it remember your device for 30 days (I think the devs made a mistake and set it to 30 seconds rather than 30 days). Noobs!

 

[diamount]

Paypals 2FA has never worked properly, nor does it remember your device for 30 days (I think the devs made a mistake and set it to 30 seconds rather than 30 days). Noobs!

Indeed, I come out of the app for a second and when it refreshes it asks for 2FA again.

 

[Deleted member 77746]

Rookie numbers.

Standard tech layoff right now

it's 7% of their workforce according to the article.

 

[Deleted member 77746]

In the UK there's an identity check app from the government. I know I had to use it recently. It could solve their issues without making a pool of photo IDs that is even more attractive to hackers.

I'll be surprised if we don't do full scale ID checks in the future for all the mainstream sites. I have an app called Yoti which is my digital ID if I ever need it.

 

[Diddums]

Lol paypal.

I'm genuinely amazed that they're still going, they've been surpassed by other companies in every conceivable aspect and their own house is a dumpster fire.

 

[jpaul]

don't most people use email address as their paypal id, which is easy to steal elsewhere ? and they then tried those with previously pwned passwords

as suggested I too, use their 2FA with authenticator, but would use a sms to phone if we had good reception,
banks are still using 2FA via SMS, plus you'd put a sim passwords on your phone to prevent sim swap fraud.