It looks like you now have another reason to use different passwords on different sites, as 35,000 PayPal accounts were recently hacked into by attackers using known information from other resources.

What is known

According to information Bleeping Computer, 34,943 PayPal users were affected by the latest mass attack on the credential spoofing system. Credential spoofing is an automatic process during which credentials from other, less secure sites where you provided your password are tried to login to a site. Therefore, if you have one universal password for all occasions, then hacking this type is not difficult.

The fact is that many sites do not have such an advanced security system as PayPal or your banking application. Yes, and this does not make sense – after all, it is unlikely that you will be very protective of the site on which you registered in order to download a picture with cats for your desktop. Therefore, stealing passwords from such sites is not that very difficult. If you use the same password, especially in combination with the same login for multiple sites, this makes it much easier for attackers.

PayPal has changed passwords and alerted affected users, as well as providing two years of free Equifax identity monitoring to keep abreast of developments. The company recommends that everyone enable two-factor authentication to protect against these attacks in the future, and of course change their passwords on other sites. Especially where you store money or your personal data.

A source: PC Gamer