This is embarrassing, but I had a very old and not particularly strong password on my PayPal account which I almost never use anymore so it went under the radar. Fortunately, I did have MFA on it so I knew my password had been compromised when I woke up this morning to several MFA requests. Went into my password manager, found the handful of accounts that still shared this old password, and started changing them all.
All, that is, except for 3essentials because when I went to their site, I get the “This site contains malware” warning from Firefox. I checked Google’s transparency report on the site and it was updated today, which I would take to be that it was scanned today and the malicious content was found. I know that’s not 100% accurate, but that’s all I’ve got.
With what limited data I have, I can presume that 3essentials is the source of the password compromise. An organization I work with used them for web hosting many years ago before they moved to a different provider, so I’m not even a current customer of theirs.
The more concerning thing is that, if they are genuinely the source of this compromise, this would indicate they are storing passwords in plain text.
View Reddit by rtuite81 – View Source