PayPal fined by New York for cybersecurity failures

Posted by:
James Thompson
Sun, 26 Jan
0 Comment
Feature image

Financial service giant PayPal has been hit with a $2 million fine by regulators in New York for failing to secure customer data in a 2022 cybersecurity breach. The breach exposed sensitive information, such as social security numbers and email addresses, of tens of thousands of customers. The New York State Department of Financial Services (DFS) determined that PayPal’s cybersecurity practices were inadequate, citing failure to train employees on security measures and not using qualified personnel for key cybersecurity functions. The breach was facilitated by a hacking technique called ‘credential stuffing’, which allowed cybercriminals to access customer data after PayPal made changes to its data flows without proper training for employees. In response, Superintendent Adrienne A. Harris emphasized the importance of robust cybersecurity measures to protect consumer data and mitigate risks. Customers affected by the breach are urged to consider identity theft protection services to safeguard their information.

Tags:

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments