According to an article in the Financial Times, researchers have discovered a hole in an extra security measure used by PayPal (the eBay subsidiary).
Michigan-based cyber security company (Duo Security) stated that it found a way to bypass so-called two-step authentication – where a code is sent to a user’s mobile phone to confirm they are logging in – on the PayPal app. Known breaches of two factor authentication, which is also used to protect online banking, email and social media accounts, are rare.
PayPal has prided itself on its top-notch security but its parent company eBay suffered a cyber attack in May, when encrypted passwords to the e-commerce site were stolen. The company said PayPal was not affected in the breach.
Source: Financial Times