PayPal breach - Integrity360 Comment
January 2023 by Patrick Wragg - Cyber Threat Response Manager, Integrity360
As PayPal discloses a data breach, sending notifications to thousands of users who had their accounts accessed through credential stuffing, the comment from Patrick Wragg, Cyber Incident Response Manager, Integrity360:
"Falling prey to credential stuffing (as reported) highlights the significance of a robust MFA (Multi-factor Authentication) solution. Every credential stuffing incident the IR team at Integrity360 comes across shows that victims are still choosing passwords that are easy to remember (and therefore guess). Adding the extra security step that is MFA means that password strength is not the only hurdle attackers have to cross."