PayPal recently reported a data breach that compromised the personal information of a small number of customers, leading to fraudulent transactions. The breach, which lasted nearly six months from July 1 to December 13, 2025, was caused by an error in the code of the PayPal Working Capital loan application that exposed sensitive details such as names, email addresses, and Social Security numbers. While PayPal has indicated that its systems were not compromised and has issued refunds to affected customers, the official notification to impacted individuals revealed that unauthorized access was terminated following the discovery of the breach, raising questions about the company’s statements.
PayPal exposes customer data in breach, leading to fraud
