UrsaClimb Logo

PayPal Discloses Data Breach That Exposed User Info For 6 Months

Slashdot
by msmash
February 20, 2026
AI-Generated Deep Dive Summary
PayPal has disclosed a significant data breach that exposed sensitive personal information of its users for nearly six months. The breach occurred due to a software error in its PayPal Working Capital (PPWC) loan application, which provides small businesses with quick access to financing. Customer details such as names, email addresses, phone numbers, business addresses, Social Security numbers, and dates of birth were exposed from July 1, 2025, until December 13, 2025. PayPal identified the breach on December 12, 2025, and promptly rolled back the problematic code change the following day, effectively blocking unauthorized access to the data. The PPWC loan app is designed to offer small businesses fast and easy financing solutions. However, a coding error in this application led to the unintended exposure of users' personally identifiable information (PII). PayPal has since taken steps to reverse the code change responsible for the breach, ensuring that no further unauthorized access could occur. The company also emphasized that it did not delay notifying affected customers, despite potential law enforcement investigations. This incident highlights the critical importance of robust security measures in financial technology platforms. While PayPal has taken corrective action by reverting the problematic code and securing the data, the breach raises questions about the safeguards in place for sensitive customer information. Such incidents can have long-lasting repercussions, including reputational damage and increased scrutiny from regulators. For tech-savvy readers, this story underscores the need for vigilance in software development and deployment. Cybersecurity must remain a top priority for companies handling large volumes of personal data. The breach also serves as a reminder that even minor coding errors can have significant consequences, potentially exposing millions of users to risk. As digital platforms continue to evolve, ensuring the protection of user data will remain a critical challenge for businesses worldwide. In conclusion, PayPal's data breach is a cautionary tale about the importance of thorough testing and secure coding practices. While the company acted swiftly to contain the situation, the incident serves as a wake-up call for all organizations reliant on digital platforms to maintain the highest standards of data security. For consumers, this emphasizes the need to remain informed about their financial and personal information and to monitor accounts for any unusual activity.
Verticals
tech
Originally published on Slashdot on 2/20/2026