11-12 June 2025
Hall 4, Bombay Exhibition Centre, Mumbai
PayPal has alerted customers to a data breach caused by a software flaw in its loan application that exposed sensitive personal information.
The coding error compromised business contact details such as names, email addresses, phone numbers, and physical addresses. More alarmingly, Social Security numbers and dates of birth were also exposed. The company identified the issue on December 12, 2025, and promptly removed the faulty code.
The breach impacted users of the PayPal Working Capital (PPWC) loan application, a platform designed to provide small businesses with rapid access to funding.
“On December 12, 2025, PayPal identified that due to an error in its PayPal Working Capital (“PPWC”) loan application, the PII of a small number of customers was exposed to unauthorized individuals during the timeframe of July 1, 2025 to December 13, 2025,” said the breach notification letter that was sent by PayPal to affected users.