PayPal customers data exposed after PayPal breach
Data Leak
Summary
Hide ▲
Show ▼
PayPal disclosed a data leak in its PayPal Working Capital (PPWC) loan application that exposed a small number of customers' PII for nearly six months. The exposed information included names, email addresses, phone numbers, business addresses, Social Security numbers, and dates of birth. PayPal said it rolled back the code change that caused the exposure, reset passwords for impacted accounts, and offered two years of credit monitoring and identity restoration services.
Related Happenings
PayPal customer accounts hit by cyberattack
Incident
First: 20.02.2026 15:12
Last: 20.02.2026 15:12
Sources 1
How related:
PayPal also detected unauthorized transactions on the accounts of a small number of customers as a direct result of the incident and has issued refunds to those affected.
About this happening:
**PayPal** confirmed **unauthorized transactions** on the accounts of a **small number of customers**, adding direct financial harm to the broader breach. The company said it **is...
PayPal customer accounts hit by cyberattack
IncidentHow related: PayPal also detected unauthorized transactions on the accounts of a small number of customers as a direct result of the incident and has issued refunds to those affected.
About this happening: **PayPal** confirmed **unauthorized transactions** on the accounts of a **small number of customers**, adding direct financial harm to the broader breach. The company said it **is...
Phishing-led RMM abuse campaign using fake PayPal alerts
Campaign
First: 14.01.2026 18:00
Last: 14.01.2026 18:00
Sources 1
About this happening:
A **phishing-led intrusion campaign** is abusing legitimate **RMM tools** to move from personal accounts into corporate environments, creating stealthy remote access and persisten...
Phishing-led RMM abuse campaign using fake PayPal alerts
CampaignAbout this happening: A **phishing-led intrusion campaign** is abusing legitimate **RMM tools** to move from personal accounts into corporate environments, creating stealthy remote access and persisten...
Timeline
-
20.02.2026 15:12 1 articles · 3mo ago
PayPal identifies PPWC PII exposure
Detection Ioc UpdatePayPal identified that an error in its PayPal Working Capital (PPWC) loan application exposed customers' PII, including names, email addresses, phone numbers, business addresses, Social Security numbers, and dates of birth, to unauthorized individuals.
Show sources
- PayPal discloses data breach that exposed user info for 6 months — www.bleepingcomputer.com — 20.02.2026 15:12
-
20.02.2026 15:12 1 articles · 3mo ago
PayPal rolls back the PPWC code change
Mitigation Patch UpdatePayPal rolled back the code change responsible for the PayPal Working Capital (PPWC) loan application error, blocking unauthorized access to the exposed data.
Show sources
- PayPal discloses data breach that exposed user info for 6 months — www.bleepingcomputer.com — 20.02.2026 15:12
-
20.02.2026 15:12 2 articles · 3mo ago
PayPal notifies customers and issues refunds
Victim Impact UpdatePayPal notified affected customers that unauthorized transactions were detected on a small number of accounts, issued refunds, reset passwords for impacted accounts, and offered two years of free three-bureau credit monitoring and identity restoration services through Equifax.
Show sources
- PayPal discloses data breach that exposed user info for 6 months — www.bleepingcomputer.com — 20.02.2026 15:12
- PayPal discloses data breach that exposed user info for 6 months — www.bleepingcomputer.com — 20.02.2026 15:12