SAN JOSE, CA - A massive set of PayPal login credentials has surfaced for sale on a dark web marketplace, with hackers alleging it contains information on nearly 15.8 million accounts worldwide. The dataset reportedly includes email addresses, plaintext passwords, and associated PayPal login URLs - a combination that, if authentic, could enable criminals to commit widespread identity theft and financial fraud. Hackers’ Claims The seller is advertising the database, … [Read more...]
Record-Breaking Data Leak Exposes 16 Billion Credentials Including Session Tokens
WEST PALM BEACH, FL - A massive trove of approximately 16 billion username-password combinations—along with session tokens and cookies - has surfaced on unsecured servers, cybersecurity researchers confirmed. The cache appears to be an aggregate of around 30 previously known data sets, sourced from malware-based credential thefts and older breaches, rather than a fresh, single-source attack. Security analysts emphasize the sheer volume of data makes it impossible to … [Read more...]
Massive Data Breach Exposes 184 Million Login Credentials from Major Tech Platforms
WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]