Skip to content
Sign In Subscribe
Data Breaches

Alleged PayPal Credential Leak: 104K Email and Password Combinations Exposed

 and  Dark Web Informer
8 min read
Dark Web Informer - Cyber Threat Intelligence

Alleged PayPal Credential Leak: 104K Email and Password Combinations Exposed

Financial Services

🧩 Standalone API Access Now Available

Access high-volume threat-intelligence data, automated ingestion endpoints, ransomware feeds, IOC data, and more – independently from the above standard subscriptions.

View API Access

Unlock Exclusive Cyber Threat Intelligence

Powered by DarkWebInformer.com

Foundational access to breach intelligence. Track breaches, leaks, and threats in real time with high quality screenshots and concise expert summaries.

📚
5,100+ Blog Posts (PRO/ELITE)
Continuously updated breach reports and threat summaries.
📢
52,200+ Alerts (PRO/ELITE)
Daily breach, leak, and DDoS alerts.
📤
Unredacted Threat Feed
Live tracking with JSON export.
🔍
Leak and Breach Coverage
Direct access to claims and posts.
📡
Snippets and Quick Facts
Concise summaries of DDoS, defacements, and breaches.
🌐
500+ Onion and Clearnet Resources
Verified index of dark web sites and services.
📊
Real Time Uptime Dashboard
Live status of 500+ sites.
🤖
WhiteIntel.io API
Integrated checks inside breach posts.
🖼️
High Resolution Images
Uncompressed, watermark free evidence.
🔑
Keyword Notifications
Browser alerts for tracked terms.
💳 Subscribe Now 🪙 Pay with Crypto

Quick Facts

Date and Time of Alert
2026-01-11 06:16:37 UTC
Threat Actor
Lud
Victim Country
Unknown
Industry
Unknown
Victim Org.
Unknown
Victim Site
Unknown
Category
Combolist
Severity
Medium
Network
Clearweb

Incident Overview

A threat actor using the handle "Lud" posted on a popular forum on January 11, 2026 claiming to be sharing approximately 104,000 PayPal user credentials in a combo list format (email:password). The threat actor states this data is from December 2025 and claims nobody has shared it before.

  • Data Format: Email:Password combo list
  • Record Count: Approximately 104,472 lines
  • Alleged Date: December 2025
  • Distribution: Free share on the forum
  • Sample Data Visible: Multiple email addresses with associated passwords shown in screenshot
  • Archive Links: Multiple file hosting services (MEGA, Gofile, Pixeldrain)

Indicators of Compromise (IOCs)

No IOCs were disclosed by the threat actor in this claim.

Breach Claim URL

For Subscribers Only

If you are a subscriber, check the Threat Feed or Ransomware Feed in the subscribers area.

Image Preview

PayPal credential leak post on BreachForums by Lud showing 104K combolist with email and password samples

Unlock Exclusive Cyber Threat Intelligence

Powered by DarkWebInformer.com

Foundational access to breach intelligence. Track breaches, leaks, and threats in real time with high quality screenshots and concise expert summaries.

📚
5,100+ Blog Posts (PRO/ELITE)
Continuously updated breach reports and threat summaries.
📢
52,200+ Alerts (PRO/ELITE)
Daily breach, leak, and DDoS alerts.
📤
Unredacted Threat Feed
Live tracking with JSON export.
🔍
Leak and Breach Coverage
Direct access to claims and posts.
📡
Snippets and Quick Facts
Concise summaries of DDoS, defacements, and breaches.
🌐
500+ Onion and Clearnet Resources
Verified index of dark web sites and services.
📊
Real Time Uptime Dashboard
Live status of 500+ sites.
🤖
WhiteIntel.io API
Integrated checks inside breach posts.
🖼️
High Resolution Images
Uncompressed, watermark free evidence.
🔑
Keyword Notifications
Browser alerts for tracked terms.
💳 Subscribe Now 🪙 Pay with Crypto

Dark Web Informer © 2026 | Cyber Threat Intelligence

DarkWebInformer.com

Related

Latest