This is interesting. Luckily enough Pay Pal refunded my money within minutes and it was a small amount of cash. Any thoughts?

Here's the timeline.

Bank phones me to tell me that my credit card *may* have been comprimised and they were issuing me a new one. Details were sketchy (or they couldn't say exactly what details they had) but they finally told me that a business I had bought from recently may have been 'comprimised'. The last 3 businesses I spent money on were komplett, google and an Irish hosting company.

I get the new credit card and log the new card details with PayPal

This morning I get a confirmation email from an online store regarding a purchase through PayPal. Normally I wouldn't pay this any attention or put it down to phishing but they list my account confirmation password as an actual password that I use for PayPal!

That's pretty much it. I've changed my password now and everything is sorted. I'm a little unsettled though as to how exactly they got a password
that I normally use. I am guessing that they somehow hacked direct into my PayPal account.

Any ideas? I am fully Virus and Spyware proof here so I don't think they were key logging etc. Incidentally, the PayPal password was the same used for one of the 3 businesses used above so I am kinda thinking that they were hacked themselves or breached maybe?

__________________
Peter Knight - Web Designer
.................................................. ..................................................
Eden Web - Web Design Ireland Virtual Tour Company Dublin Photographer

very strange situation as I don't think PayPal stores the password in plain text, so the weird thing is that your password was in the email you got.

PayPal never sends your password as is meant to be encrypted.
If you forgot it they send you a link to change it, of course after few verifications emails.

__________________
:. Web Design & Development Web Design Ireland
:. Search Engines Optimization Search Engines Optimization
:. Directory Submission Directory Submission
:. News & Press Release Ireland GiveItSocks.com
:. Used Cars Ireland, Car Parts & Car Audio Cars For Sale, Car Parts & Accessories
:. I Have 2 Find It Directory SEF Directory

Do you store your passwords in your browsers? I find Firefox very unsecure for this kind of thing. All someone needs to do is to look at your stored passwords and you're ******ed. I'm amazed that they have yet to password protect their password manager.

__________________
blog | Geansaí Gorm - Written entirely in, awful, Irish! | Me on Blue Jumpers
*

Yeah they do now.

@ Cormac
I do for some websites but not Pay Pal.

That is a scary story - could have easily gone much much worse

__________________
| John M. Ryan | Irish Mobile Phone |Mobile Phone Forum

It's a horrible thought alright, someone getting into your paypal. Glad no serious harm came of it

__________________
My Blog - You'll like it.| Web Design.

The master password feature has been there for a good while hasn't it ?

__________________
Forbairt Media | Web Design & Development Galway / Dublin, Ireland - coming soon ... ( vague but descriptive isn't it )
Recent Work: Safari Club African Safari Holidays - Malawi Safaris
Other Stuff: FluffyLinkulator Rapid Inclusion Service Tools