Almost 16 Million PayPal Credentials Leak Claim Sparks Security Concerns
Published on August 18, 2025
- PayPal hack: A recent post on the dark web announced the sale of millions of PayPal login details.
- Is it true: Security experts speculate that plaintext passwords are unlikely to come from PayPal’s systems.
- How it happened: While the hacker did not offer details on how these were obtained, infostealers or credential stuffing may be at the core.
A threat actor known as "Chucky_BF" is reportedly selling 15.8 million email and plaintext password pairs linked to PayPal accounts worldwide. While the authenticity of this claim remains unverified, immediate precautions are advised to secure user accounts.
Details of the Claim
The claim surfaced on underground hacking forums, where Chucky_BF offered the sale of 1.1 GB of data reportedly containing 15.8 million login emails and plaintext passwords.
If true, the breach would represent a significant security threat to millions of PayPal users globally.
However, cybersecurity professional Troy Hunt has expressed skepticism regarding the origins of the plaintext passwords.
Possible Methods of Credential Theft
Analysts speculate that the credentials, if authentic, may stem from incidents such as credential stuffing attacks or malware infections, rather than a breach of PayPal’s systems.
Hunt noted, “Given passwords definitely didn’t come from PayPal in plain text, they’ve either been obtained another way (infostealer, credential stuffing) or there’s another explanation for this claim.”
Credential stuffing involves attackers utilizing previously leaked passwords from other breaches, exploiting users who reuse passwords across multiple accounts. Similarly, info-stealer malware captures stored credentials from victims' devices, with hackers offering them in bulk on hacking forums.
Recommended Actions for Users
Regardless of the claim’s validity, users should adopt proactive measures to safeguard their accounts. Best practices include:
- Updating Passwords – Create unique, complex passwords for all online accounts, including PayPal.
- Enabling Multi-Factor Authentication (MFA) – MFA adds an extra layer of protection, even if passwords are compromised.
- Monitoring Account Activity – Pay close attention to account statements and report suspicious activities immediately.
Cybersecurity experts consistently emphasize the importance of adopting strong password management and authentication practices to mitigate the risks posed by potential breaches, such as the PayPal credentials leak.
In June, the largest password breach compilation was revealed, comprising 16 billion credentials from various companies.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular