PayPal has revealed a data breach that affected users of its PayPal Working Capital (PPWC) loan application This article explores affected breach paypal. . For almost six months, a software coding error exposed private information to unauthorized parties.

Customer data was accessed without authorization during the roughly 165-day period from July 1, 2025, to December 13, 2025, as a result of the breach, which was discovered on December 12, 2025. More than two months after learning of the incident, on February 10, 2026, the fintech behemoth sent official breach notification letters to impacted clients. One day after discovering the problem, on December 13, 2025, PayPal said it reversed the incorrect code change, thereby stopping unwanted access.

The business affirmed that there was no delay in alerting impacted users due to a law enforcement investigation. What Information Was Made Public Sensitive identity information and a valuable combination of business contacts are among the compromised data. In addition to their Social Security number (SSN) and date of birth, the impacted customers' full name, email address, phone number, and business address may have been sufficiently exposed to allow for identity theft, account takeover, and targeted social engineering attacks.

Due to PayPal's PPWC product, which is especially made for small businesses and offers rapid access to merchant financing, business owners and sole proprietors who applied for working capital loans through the platform were disproportionately affected by the breach.

PayPal confirmed that it has refunded affected customers and reset passwords for all affected accounts after a small percentage of affected customers reported unauthorized transactions on their accounts as a direct result of the exposure. Following its discovery, PayPal blocked unauthorized access, reset account passwords, and is now providing all impacted customers with two years of free three-bureau credit monitoring and identity restoration services through Equifax Complete Premier. Enrollment must be completed by June 30, 2026.

Daily access to Equifax credit reports, three bureau monitoring with email alerts, WebScan dark web alerts for financial account numbers and SSNs, automated fraud alerts, and up to $1,000,000 in identity theft insurance coverage are all included in the monitoring package. Using the special activation code they were given, affected users must enroll at Equifax.

The precise number of customers impacted by the breach has not yet been made public by PayPal. Users should change their credentials and enable multi-factor authentication right away if they notice any suspicious account activity, the company reminds users, and it will never ask for account passwords, one-time codes, or authentication credentials over the phone, text, or email. This incident comes after PayPal's January 2023 breach, in which 35,000 accounts were compromised through credential stuffing, and its January 2025 $2 million settlement with the New York State Department of Financial Services for violations of cybersecurity regulations.

Make ZeroOwl your Google Preferred Source.