{"id":215649,"date":"2026-02-20T08:12:00","date_gmt":"2026-02-20T13:12:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/20\/paypal-discloses-data-breach-that-exposed-user-info-for-6-months\/"},"modified":"2026-02-20T10:05:13","modified_gmt":"2026-02-20T15:05:13","slug":"paypal-discloses-data-breach-that-exposed-user-info-for-6-months","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/20\/paypal-discloses-data-breach-that-exposed-user-info-for-6-months\/","title":{"rendered":"PayPal discloses data breach that exposed user info for 6 months"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/paypal-discloses-data-breach-exposing-users-personal-information\/\">PayPal discloses data breach that exposed user info for 6 months<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/paypal-discloses-data-breach-exposing-users-personal-information\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/paypal-discloses-data-breach-exposing-users-personal-information\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-20 08:12:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year.<\/p>\n<p>The incident affected the PayPal Working Capital (PPWC) loan app, which provides small businesses with quick access to financing.<\/p>\n<p>PayPal discovered the breach on December 12, 2025, and determined that customers&#8217; names, email addresses, phone numbers, business addresses, Social Security numbers, and dates of birth had been exposed since July 1, 2025.<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/c\/w\/ai-security-board-report-template.jpg\" alt=\"Wiz\" style=\"margin-top: 0px;\"\/><\/p>\n<p>The financial technology company said it has reversed the code change that caused the incident, blocking attackers&#8217; access to the data one day after discovering the breach.<\/p>\n<p>&#8220;On December 12, 2025, PayPal identified that due to an error in its PayPal Working Capital (&#8220;PPWC&#8221;) loan application, the PII of a small number of customers was exposed to unauthorized individuals during the timeframe of July 1, 2025 to December 13, 2025,&#8221; PayPal said in breach notification letters sent to affected users.<\/p>\n<p>&#8220;PayPal has since rolled back the code change responsible for this error, which potentially exposed the PII. We have not delayed this notification as a result of any law enforcement investigation.&#8221;<\/p>\n<p>PayPal also detected unauthorized transactions on the accounts of a small number of customers as a direct result of the incident and has issued refunds to those affected.<\/p>\n<p>The company now\u00a0offers affected users two years of free three-bureau credit monitoring and identity restoration services through Equifax, which require enrollment by June 30, 2026.<\/p>\n<p>Affected customers are also advised to monitor their credit reports and their account activity for suspicious transactions. PayPal reminded users that it never requests account passwords, one-time codes, or other authentication credentials via phone, text, or email, a common tactic used in phishing attacks that often follow data breach disclosures.<\/p>\n<p>While&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/paypal-discloses-data-breach-exposing-users-personal-information\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PayPal discloses data breach that exposed user info for 6 months https:\/\/www.bleepingcomputer.com\/news\/security\/paypal-discloses-data-breach-exposing-users-personal-information\/ Publish Date: 2026-02-20&#8230;<\/p>\n","protected":false},"author":1,"featured_media":215650,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/02\/20\/PayPal-headpic.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,30,25],"class_list":["post-215649","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-breach","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215649"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=215649"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215649\/revisions"}],"predecessor-version":[{"id":215651,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215649\/revisions\/215651"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/215650"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=215649"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=215649"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=215649"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}