The Lower Eastern Times Opening The Third Eye
Related Articles
Global payments company PayPal has revealed a data exposure incident that affected some of its customers after a coding error in one of its business financing products left sensitive information accessible for several months.
According to TechRadar, the flaw occurred in the PayPal Working Capital (PPWC) loan application — a financing tool that provides eligible businesses with cash advances based on their PayPal sales records.
Click here to join our WhatsApp Channel
The issue was discovered on December 12, 2025, but investigations showed it had been active since July 1, meaning customer information may have been exposed for more than five months.
Reports indicate that the vulnerability could have revealed various types of personally identifiable information, including names, email addresses, phone numbers, business locations, Social Security numbers, and dates of birth.
Cybersecurity analysts warn that when such details are exposed together, they can heighten the risk of targeted phishing schemes and identity theft.
In notices sent to affected customers, PayPal acknowledged that a limited number of users experienced unauthorized transactions during the period the flaw was active.
While the company did not specify the total number of customers impacted, it confirmed that the vulnerability has been fixed, unauthorized access blocked, and affected users reimbursed. PayPal also reset passwords on impacted accounts and reversed the faulty code update.
“We have not delayed this notification as a result of any law enforcement investigation,” the company stated.
Due to the sensitivity of the exposed information, PayPal is offering two years of free credit monitoring and identity restoration services through Equifax — a common response following data breaches involving personal information.
The company has advised users to stay vigilant, especially against unsolicited emails, suspicious links, and unexpected attachments, noting that cybercriminals often exploit breach-related concerns to carry out phishing attacks.
Details about the full extent of the breach, including the exact number of affected users, have not yet been made public.
PayPal is among the largest digital payments platforms globally, allowing individuals and businesses to send, receive, and manage money electronically across borders.
Founded in the United States, the fintech company operates as an online intermediary, enabling users to complete transactions without directly sharing their bank or card details with merchants. The platform is widely used in e-commerce, freelance payments, and international money transfers.
To use PayPal, customers create an account and link it to a bank account, debit or credit card, or maintain funds in a PayPal wallet. Payments can then be made on supported websites and apps quickly and securely.
For businesses, PayPal offers merchant services that help companies accept online payments, track transactions, and access working capital financing based on their sales performance.
