The company says that a ’small number’ of people were impacted over a nearly six-month period last year.
PayPal has notified customers that it discovered a breach in its PayPal Working Capital service that could have led to fraudulent transactions.
The personal information of a “small number of customers” was exposed from July 1, 2025, to Dec. 13, 2025, according to a letter the payment processing company sent to customers this month.
Information that could have been exposed included names, business addresses, Social Security numbers, email addresses, birth dates, and phone numbers, according to PayPal.
“A few customers experienced unauthorized transactions on their account and PayPal has issued refunds to these customers,” PayPal wrote in the Feb. 10 letter that was submitted to officials in Massachusetts on Feb. 19.
PayPal did not say how many customers were impacted or how many fraudulent transactions were carried out. It said that it has “since rolled back the code change responsible for this error, which potentially exposed” personally identifying information of the customers.
“We have not delayed this notification as a result of any law enforcement investigation,” it said.
PayPal said it was alerted to “unauthorized activity,” began investigating, and subsequently terminated unauthorized access to the company’s systems.
“We reset the passwords of the affected PayPal accounts and implemented enhanced security controls that will require you to establish a new password the next time you log in to your account if you have not already done so,” PayPal said. “A few customers experienced unauthorized transactions on their account and PayPal has issued refunds to these customers.”
In response to the breach, PayPal said it would offer two years of credit monitoring and identity restoration services to affected customers, which it said is free of charge. Free credit monitoring services are also being offered via the Equifax credit bureau, but customers must enroll by June 30 of this year, it said.
In the letter, PayPal urged customers to remain vigilant and review “account information, transaction history, and free credit reports for any suspicious activity.”
Any fraudulent transactions should be reported to the company, it said.







