So, my Paypal account was hacked a few days ago apparently. I reconcile my financial records with my bank & credit card accounts at least once a week…this week, there was $1700 missing from my bank account. I made the mistake of linking Paypal to both my credit card and my bank account. I had my reasons for adding my bank account (it used to bypass fees and a few other things), but I never expected it to be a problem since Paypal seemed trustworthy.
Well, I don’t know how it happened…it wasn’t a phishing scam, or my giving out my account info (intentionally at least) to friends/family or anyone else. Somehow the hacker was able to get into my account, update my credit card address to his, and then order a PC from HP online…and then cancel the order and get the refund sent to him. Paypal never sent me a payment confirmation email like they normally do, but my email address is still the only one on the account (at least it was when I checked). So I’m surprised I didn’t know about this earlier. I’m also surprised they didn’t validate the update to the credit card billing address (since it’s used to confirm a shipping address). Maybe my CC company said it was valid, but it wasn’t…totally different city, state, and street address…
I’m a bit miffed at this whole thing – I do conduct business online, but I’m pretty careful with anything financial online. I’ve tried to extend trust proactively to a handful of sites that I found useful…Paypal, Mint, and a few others. I think that was a mistake now – I’m going to go back and make sure any online account never has my checking account info. The only exception will be my mortgage and utility companies…at least for now. I really don’t want to mail in bills for those…so I’ll proceed with caution there. I don’t really believe all of these services at automatically insecure due to this one issue with Paypal, but it just made me thing about it and every copy of my account info increases the chances of a security breach.
I’m not worried about getting my money back – I feel confident (at this point at least) that Paypal will get everything sorted out and fixed up within a week or two. This isn’t something I want to deal with again though – I don’t normally keep a ton of money in my checking account, so if this would have happened a few months ago, it would have been a huge issue. As is, it’s just a wake up call and an annoyance. It’s a good learning experience at least.