PayPal Data Breach 2026: Money Stolen, Passwords Reset
PayPal has confirmed a data breach that affected users of its PayPal Working Capital (PPWC) service. Some customers reported unauthorized transactions, and PayPal reset account passwords as a safety step.
What Exactly Happened?
According to official breach notifications, a threat actor gained access to PayPal systems on July 1, 2025. The access continued until December 12, 2025, when the issue was detected and stopped.
The breach was linked to an internal error in the PayPal Working Capital loan system.
PayPal later said that around 100 customers were potentially impacted.
What Information Was Exposed?
| Data Type | Status |
|---|---|
| Full Name | Exposed |
| Email Address | Exposed |
| Phone Number | Exposed |
| Business Address | Exposed |
| Date of Birth | Exposed |
| Social Security Number | Exposed |
This type of data can be used for identity theft, phishing, and financial fraud.
Was Money Stolen?
Yes. A small number of users reported unauthorized transactions.
- Refunds were issued
- Passwords were reset
- Accounts were secured
PayPal confirmed that affected users were notified by email.
What Should PayPal Users Do Now?
- Change your password immediately
- Enable two-factor authentication
- Use a unique password for PayPal
- Check your transaction history daily
- Do not click suspicious email links
- Consider enabling passkeys
Never share OTP codes or passwords over phone, text, or email.
Why This Breach Matters
Even though the number of affected users was small, this incident shows how dangerous financial data leaks can be.
When services store loan data and identity documents, security must be extremely strong.
The good news is that PayPal acted quickly once the issue was discovered.
Frequently Asked Questions
How many users were affected?
About 100 users were potentially impacted.
Did PayPal systems get hacked?
An unauthorized access incident occurred within the PayPal Working Capital system.
Were passwords stolen?
Passwords were reset as a safety measure, but PayPal did not confirm password theft.
Was PayPal fully compromised?
PayPal said this was a limited event and not a full platform breach.
What is PPWC?
PayPal Working Capital is a loan service for businesses.
Can attackers use exposed data for fraud?
Yes, exposed personal data can be used for phishing or identity theft.
Should all PayPal users worry?
Only a small number were affected, but all users should stay alert.
Did PayPal offer credit monitoring?
Yes, two years of credit monitoring services were offered.
What is the safest login method?
Using passkeys and two-factor authentication is safest.
How can users stay protected long-term?
Use strong passwords, avoid phishing emails, and monitor accounts regularly.
