PayPal Data Breach Impacts Users, Funds Compromised

Alanbatnews -

PayPal experienced a cyber breach resulting in unauthorized access to user accounts and subsequent fund transfers, the company disclosed in a notification to its users.

The breach, initially occurring in July, allowed an attacker to access PayPal's systems, execute unauthorized transactions, and modify passwords, according to a Forbes report.

Although users were notified in February, the breach had persisted from early July until mid-December when PayPal detected the intrusion, the report stated.

The cyberattack impacted PayPal's Working Capital application, a lending service providing quick financing to small business owners, according to Bleeping Computer.

PayPal stated the breach stemmed from a vulnerability within the latest version of its micro-financing application's code. The company has not detailed the specific nature of the vulnerability but confirmed reverting to an older version of the platform's code, effectively halting the breach.

Forbes reported that over 100 users globally were affected by the breach, with unauthorized transfers made from their accounts.

PayPal has begun compensating affected users by refunding their funds. The company also advises users to review their account activity, change passwords, and enable additional security measures.

The incident raises questions regarding the delay in detecting the vulnerability and the subsequent delay in notifying users of the breach.

PayPal previously experienced a cyberattack in December 2022, which compromised the data of over 35,000 users, resulting in a $2 million fine for the company.

PayPal is a globally recognized platform for sending and receiving money, offering payment gateway services and facilitating diverse payments worldwide.