A staggering 15.8 million PayPal login credentials have reportedly been exposed and put up for sale on the dark web, according to claims made by a hacking group. The group alleges that the data, which includes email addresses and plaintext passwords, was obtained in a sophisticated breach that took place in May 2025 according to a report from LifeLock. If verified, this massive credential dump could pose severe risks to millions of PayPal users, potentially enabling criminals to commit identity theft, financial fraud, and other malicious activities.
The dark web, a hidden part of the internet accessible only through special software, has long been a marketplace for stolen data, where cybercriminals trade login credentials, financial details, and other personal information. According to reports, the PayPal credential dump is being offered at a steep price, reflecting the value of such a large dataset. If authentic, the exposed email addresses and plaintext passwords—unencrypted and easily readable—could allow criminals to access PayPal accounts, siphon funds, or use the credentials to breach other platforms where users may have reused passwords. The potential for identity theft is particularly alarming, as attackers could exploit the stolen information to impersonate victims, open fraudulent accounts, or conduct unauthorized transactions.
PayPal, one of the world’s largest online payment platforms, has maintained that its systems have not been compromised recently. The company pointed to a 2022 incident in which unauthorized access affected certain user accounts, but it claims that issue was fully resolved, with affected users notified and systems strengthened. Cybersecurity analysts, however, warn that the resurfacing of such a large dataset, whether from a new breach or an old one, underscores the persistent risks of storing sensitive data online. The alleged plaintext storage of passwords, if true, would represent a significant lapse in security practices, as modern standards typically require passwords to be encrypted.
The news has prompted urgent calls for PayPal users to take immediate action. Experts recommend changing passwords, enabling two-factor authentication, and monitoring accounts for suspicious activity. The incident also highlights broader concerns about data security in an era of increasing cybercrime, with millions of users now left grappling with the uncertainty of whether their personal information is safe. As investigations continue, the true scope and source of the alleged breach remain under scrutiny, leaving both PayPal and its users on high alert.
Please follow us on Facebook and X for more news, tips, and reviews. Need cord cutting tech support? Join our Cord Cutting Tech Support Facebook Group for help. You can find Luke on X HERE.