Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

PayPal Data Breach Led to Fraudulent Transactions

PayPal blamed an application error for the exposure of customer personal information for nearly 6 months. 

PayPal data breach

PayPal recently disclosed a data breach that affected customers’ personal information and led to fraudulent transactions.

Notification letters sent to impacted individuals revealed that the cybersecurity incident was caused by an error in the PayPal Working Capital (PPWC) loan application.

Due to the error, the personal information of a “small number of customers” was exposed for nearly six months, between July 1 and December 13, 2025.

Exposed information included names, email addresses, dates of birth, phone numbers, and business addresses combined with SSNs. 

The code that had introduced the error was rolled back and the affected customers’ passwords were reset. However, the vulnerability was exploited before it was patched.

“A few customers experienced unauthorized transactions on their account and PayPal has issued refunds to these customers,” PayPal said in its notification, a copy of which was submitted to authorities in Massachusetts. 

Advertisement. Scroll to continue reading.

In a statement, PayPal said it notified the roughly 100 customers affected by the incident, but noted that its “systems were not compromised.” 

This contradicts the official notification to affected users, which states that it “terminated the unauthorized access to PayPal’s systems” after detecting the breach. 

SecurityWeek has reached out to PayPal for clarification.

Related: French Government Says 1.2 Million Bank Accounts Exposed in Breach

Related: PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts

Related: Malicious NPM Packages Target Cryptocurrency, PayPal Users

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Scott Rachford has been named CEO at GuidePoint Security.

Camelot Secure has appointed Victor Brown as Chief Technology Officer.

Sherrod DeGrippo has been appointed Head of Threat Intelligence for Palo Alto Networks Unit 42.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.