Smart SpendingSmart Spending

PayPal president’s credit card hacked

David Marcus pitched the incident as a reason to use his online payment processing business. Is PayPal the answer to ID theft?

By Money Staff Feb 12, 2014 1:49PM

This post comes from Christine DiGangi at partner site on MSN MoneyWhen David Marcus’ credit card was skimmed, cloned and used for an unauthorized shopping spree, he saw a business opportunity.

That’s because Marcus is the president of PayPal, an Internet-based payment processing business that has been billed as an alternative to the tedious and sometimes insecure process of entering a credit card number when making transactions online. Marcus’ credit card was skimmed while he was in the United Kingdom, which he announced on Twitter:

Marcus on Twitter

Credit card technology and security has been widely analyzed in the news media since Target announced a massive data breach in December. Some experts have suggested the Target hackers could have been deterred by EMV, or chip-and-pin, credit card technology, which is commonplace abroad but not yet mainstream in the U.S. Here, credit cards still use magnetic stripes to complete payment, a technology that dates to the 1960s, and credit card skimmers have perfected the mag-stripe cloning process as a way to steal batches of card numbers.

Marcus says his card has EMV technology, but acknowledged the mag-stripe may have been cloned, since some cards carry both technologies so they can be used internationally.

Is PayPal the answer?

There are different schools of thought on whether chip-and-pin ubiquity would substantially improve credit card security or whether the technological upgrade would be worth the expense. After all, hackers will find a way to beat the security measures. Technology has evolved this way for decades.

PayPal President David Marcus
Credit: © Yuriko Nakao/Reuters
But PayPal has its own strengths and weaknesses. Users tie their bank accounts or credit card to PayPal, which you access by entering your email address and a password. Email-password security has its own limitations, considering how nonchalant some people are about their password choices.

Deena Coffman, information security officer for IdentityTheft 911, said email addresses and passwords aren’t necessarily enough to protect your account from getting hacked, even though PayPal encrypts your account information on its own secure servers. If a hacker can get your name and password, they can get access to your account.

Coffman also highlighted a PayPal strength: Its bug bounty program. If a hacker finds a weakness in the platform’s security, they’re compensated for alerting the company. It serves as a breach deterrent and doubles as security research.

Amid the credit card security debate, it’s understandable for a consumer to feel a little lost. Security will always be a concern, even as new technologies hit the market, so the best thing you can do is monitor your bank accounts and credit for misuse. It’s a good habit to check your bank activity daily, in addition to regularly reviewing your credit reports and checking your credit scores. A free tool like’s Credit Report Card can help you monitor your credit scores for changes, which can be a cue to check your credit reports (which you can pull for free once a year) for errors or unauthorized accounts.

More from

Feb 12, 2014 2:44PM
If you feel comfortable with writing pay pal a blank check and agreeing to their fat list of policies(I recommend you take the time to read every last one and the new ones that come out every year), then by all means use pay pal like there is no tomorrow. can't even put a number on how many people have told me about issues with pay pal using their banks accounts and credit cards without authorization. they keep a ton of your personal information and feed you a boatload of disclaimers should anything go wrong. bottom line. pay pal is not responsible for anything under the sun and moon according to their policies.
Feb 12, 2014 2:22PM
Pay Pal account can and has been hacked also.
Feb 12, 2014 3:03PM

I had FIVE Paypal debit cards hacked. Never a problem with any other card I use.

I gave up and refuse to use their card.

He is throwing stones and living in a glass tower.

Feb 12, 2014 2:42PM
yeah, those punks screwed me once years ago.  never used them again and never will.
Feb 12, 2014 3:07PM
hackers and congress    aren't they the same? 
Feb 12, 2014 4:17PM
I had my Hotmail account hacked in 2007 and unfortunately feeling safe with it I saved too much information in it and the hacker got into my PayPal and sent himself $500 but fortunately I had nothing in my bank account it was tied too LOL. After clearing it up with my bank and PayPal I learned from the event and take e-mail and online ordering security much much more seriously.
Feb 13, 2014 4:37AM
Feb 12, 2014 2:23PM
I love my paypal card and use it to shop at stores (especially) in light of the recent hacks.
Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
100 character limit
Are you sure you want to delete this comment?


Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.


Smart Spending brings you the best money-saving tips from MSN Money and the rest of the Web. Join the conversation on Facebook and follow us on Twitter.