Verify potential impact on you from the:

In a recent development, a claimant has allegedly put up for sale approximately 15.8 million PayPal login credentials, including plaintext passwords. This massive data breach has raised concerns among cybersecurity experts, with Dirk Knop from Heise's specialist service finding it unlikely that the data was recently obtained from PayPal.

To enhance account security and protect against potential breaches, experts recommend that affected users should consider setting up passkeys for passwordless login. Passkeys are a potential future solution for secure login, enabling cryptographic key pair login. They are less susceptible to theft, guessing, or forgetting, making them a more secure alternative to traditional passwords.

Passkeys can be stored in a compatible password manager, providing a universal and independent solution. They can also be stored in a mobile operating system like Android, iOS/MacOS, or Windows, or on a security USB stick (FIDO2). Using password managers is recommended by the Federal Office for Information Security (BSI) as a method for managing complex passwords.

Regularly checking for compromised passwords and changing them proactively is also crucial. Consumers can check if their PayPal email address is in the data collection by using services like Have I Been Pwned (https://haveibeenpwned.com/) or the Identity Leak Checker of the Hasso Plattner Institute (HPI).

In addition to setting up passkeys, users are advised to take other precautions to secure their accounts. This includes regularly checking transactions on PayPal by logging in directly on the website, taking screenshots and saving account statements when reporting suspicious activities, and immediately contacting PayPal and filing a report with the local police or the web watch of the respective federal state if suspicious activities are discovered in the account.

In light of this data breach, it is more important than ever for PayPal users to take proactive steps to secure their accounts. By adopting passkeys and following best practices for account security, users can significantly improve their account protection against breaches and unauthorized access.