Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

PayPal Sued Over Data Breach that Impacted 35,000 users

In December 2022, PayPal announced a data breach, but it claimed that the login credentials used in the attack were not obtained from its network.

Online payment giant PayPal is in hot water once again, this time over a data breach that exposed the personal and financial information of almost 35,000 individuals. A proposed class action filed by plaintiffs Ashley Pillard and Destiny Rucker alleges that the company’s negligence was to blame for the December 2022 incident.

It is worth noting that, as reported by, on January 19th, 2023, PayPal began contacting nearly 35,000 users with a data breach notification, explaining that their accounts had been hacked between December 6th and 8th, 2022.

While PayPal was quick to identify and contain the breach as soon as it happened, the investigation took nearly two weeks to complete. During this time, the company confirmed that the hackers had gained access to the user accounts using valid credentials, although they denied that this was a result of a breach in their systems.

According to PayPal, there was no evidence to suggest that the user credentials were obtained directly from them, but the company is taking all necessary steps to ensure the safety and security of its users’ accounts. The affected users were been advised to reset their passwords and enable two-factor authentication (2FA) as a precautionary measure.

According to the complaint, PayPal failed to implement basic security measures or comply with industry data protection standards and guidelines set forth by the Federal Trade Commission. As a result, sensitive information including names, addresses, Social Security numbers, tax identification numbers, and dates of birth were all exposed.

As per Bloomberg’s report, the lawsuit was filed in the US District Court for the Northern District of California on Thursday. If the case proceeds as a class action, it could potentially represent thousands of affected individuals seeking damages from PayPal.

In 2022, PayPal reportedly had a user base of 435 million, which includes users who have made at least one transaction during the year. The online payment giant has been experiencing a steady increase in its user base, with more and more people relying on its services for digital transactions.

However, with this new lawsuit, the company is once again under scrutiny for its handling of sensitive data and failure to protect its users’ privacy.

  1. YouTube converter quits after labels win lawsuit
  2. Lawsuit: Google tracked iPhone users’ activities
  3. Epic Games sued over hacked Fortnite accounts
  4. Equifax sued for Billions after 143 million data hack
  5. DNA service to pay $400k for data breach it ignored


I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related News

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

The primary targets of this phishing campaign are located in the Ukrainian regions of Crimea, Donetsk, and Lugansk, which were…
CyberSecure Announces Strategic Alliance

CyberSecure Announces Strategic Alliance

BETHESDA, Md., March 24, 2023 /PRNewswire/ — Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to…
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Researchers from France-based pen-testing firm Synacktiv demonstrated two separate exploits against the Tesla Model 3 this week at the Pwn2Own…