
PayPal fined $2M for exposing thousands of customers’ SSN


PayPal is paying up for reportedly failing to protect tens of thousands of customers’ sensitive personal information. New York State’s Department of Financial Services (DFS) announced on Thursday, Jan. 23, that the company will pay a $2 million fine for cybersecurity failures in early 2022, which exposed customers’ Social Security numbers.


The fine is for violating the department’s cybersecurity regulation, which was implemented in 2017.

A probe by the DFS found that PayPal did not use qualified staff to manage crucial cybersecurity functions or provide proper training to protect against cybersecurity risks.


The financial service’s superintendent said systemic failures led to dates of birth and Social Security numbers belonging to PayPal customers being exposed to cybercriminals for around seven weeks.

PayPal was alerted to the problem after a security analyst read an online message that said, “PP EXPLOIT TO GET SSN.”

The following day, PayPal’s cybersecurity team saw a surge in attempts to hack its online platform, as cybercriminals used stolen data to access the federal tax forms of tens of thousands of customers.

The probe also found problems with PayPal’s former practice of not requiring multifactor authentication or employing tactics to detect bots.

PayPal cooperated with the investigation and said in response to the probe that keeping “a secure platform is a top priority.”

The company now requires all U.S. customers to use multifactor authentication, has required password resets on affected customer accounts, and has deployed protections to detect bots.


[CRAIG NIGRELLI]

PAYPAL IS PAYING UP FOR FAILING TO PROTECT TENS OF THOUSANDS OF CUSTOMERS’ SENSITIVE PERSONAL INFORMATION.

NEW YORK STATE’S DEPARTMENT OF FINANCIAL SERVICES ANNOUNCED THURSDAY THE COMPANY WILL PAY A TWO-MILLION-DOLLAR FINE FOR CYBERSECURITY FAILURES IN 2022 EXPOSING CUSTOMERS’ SOCIAL SECURITY NUMBERS.

THE FINE IS FOR VIOLATING THE DEPARTMENT’S CYBERSECURITY REGULATION IMPLEMENTED IN 2017.

A PROBE BY THE DEPARTMENT OF FINANCIAL SERVICES FOUND PAYPAL DID NOT USE QUALIFIED STAFF TO MANAGE CRUCIAL CYBERSECURITY FUNCTIONS OR PROVIDE PROPER TRAINING TO PROTECT AGAINST CYBERSECURITY RISKS.

THE FINANCIAL SERVICE’S SUPERINTENDENT SAID SYSTEMIC FAILURES LED TO DATES OF BIRTH AND SOCIAL SECURITY NUMBERS BELONGING TO PAYPAL CUSTOMERS TO BECOME EXPOSED TO CYBER-CRIMINALS FOR AROUND SEVEN WEEKS.

PAYPAL WAS ALERTED TO THE PROBLEM AFTER A SECURITY ANALYST READ AN ONLINE MESSAGE SAYING QUOTE: “P-P EXPLOIT TO GET S-S-N.”

THE FOLLOWING DAY, PAYPAL’S CYBERSECURITY TEAM SAW A SURGE IN ATTEMPTS TO HACK ITS ONLINE PLATFORM AS CYBERCRIMINALS USED STOLEN DATA TO ACCESS THE FEDERAL TAX FORMS OF TENS OF THOUSANDS OF CUSTOMERS.

THE PROBE ALSO FOUND PROBLEMS WITH PAYPAL’S FORMER PRACTICE OF NOT REQUIRING CUSTOMERS TO USE MULTIFACTOR AUTHENTICATION OR EMPLOYING TACTICS TO DETECT BOTS.

PAYPAL COOPERATED WITH THE INVESTIGATION, AND SAID IN RESPONSE TO THE PROBE, KEEPING “A SECURE PLATFORM IS A TOP PRIORITY.”

THE COMPANY NOW REQUIRES ALL U-S CUSTOMERS TO USE MULTIFACTOR AUTHENTICATION, REQUIRED PASSWORD RESETS ON AFFECTED CUSTOMER ACCOUNTS, AND DEPLOYED PROTECTIONS TO DETECT BOTS, ACCORDING TO A CONSENT ORDER.

FOR MORE ON THIS STORY– DOWNLOAD THE STRAIGHT ARROW NEWS APP OR VISIT SAN DOT COM.