PayPal confirmed a massive data breach in their Working Capital loan app.
The bug allowed unauthorized third parties to access customer data from July 1 to December 13, 2025. They only discovered it on December 12.
😐 Meaning: for almost 6 months names, addresses, emails, phones, DOBs and other PII were potentially exposed to hackers/phishers.
📂 Perfect combo for identity theft, account takeovers, targeted phishing and social engineering.
And it's not just "could be viewed" — PayPal admitted there were unauthorized transactions. They won't say how many customers were actually hit.
For a fintech giant, keeping a hole open for half a year is a huge red flag 😐
Source: https://sqmagazine.co.uk/paypal-software-error-sensitive-data-breach/
What do you think — just another "oops" from big fintech, or sign that even PayPal security is crumbling?
Ever had your PayPal/Crypto account phished after such leaks? Share below 👇
If you liked it — follow me, I'd be glad to see you in the feed 💪