PayPal notifies customers of data breach that exposed SSNs and more for nearly 6 months

PayPal notifies customers of data breach that exposed SSNs and more for nearly 6 months

PayPal has started disclosing a 2025 data breach that lasted for six months.

PayPal admits customer data was exposed in security breach

Millions trust PayPal with their most sensitive financial details — but some users are now learning that a security breach quietly exposed customer data for six months before it was detected. While the company says only around 100 accounts were potentially impacted, the information accessed includes highly sensitive personal details, and a small number of users reported unauthorized transactions. Even more concerning is the timeline: the intrusi…

PayPal's 'bad code' leads to unauthorized payments

Social Security numbers, business addresses and other sensitive information were exposed in PayPal's breach. The company has fixed the error and refunded the victims.

PayPal Working Capital Security Lapse Exposes Data of 100 Users

PayPal notified about 100 customers of PayPal Working Capital (PPWC) that their personally identifiable information (PII) was exposed to unauthorized individuals over a five-month period due to an error in its PPWC loan application. The company identified the error on Dec. 12 and learned that the PII was exposed from July 1 to Dec. 13 it said in a Feb. 10 notice of data breach sent to customers in Massachusetts. “We have not delayed th…

PayPal’s Six-Month Data Breach Exposes a Troubling Gap in Corporate Cybersecurity Vigilance

PayPal, one of the world’s most widely used digital payment platforms, has confirmed a data breach that may have left sensitive user information exposed for roughly six months before the company detected and addressed the vulnerability. The disclosure, which has drawn scrutiny from security professionals and regulators alike, raises pointed questions about how long threat actors can operate undetected inside major financial technology infrastruc…