PayPal Hacked for 6 Months — Customers Must Reset Passwords & Check Transactions

2026-02-24

PayPal, the digital payments giant, has confirmed a data breach that went undetected for nearly six months.

The incident was linked to the PayPal Working Capital (PPWC) system and affected a small number of users. Although the number of victims was said to be limited, some customers reportedly experienced unauthorized transactions and were required to reset their PayPal passwords.

So, what exactly happened? How serious is the impact? And what should users do now?

Key Takeaways

  • The 2026 PayPal data breach occurred from July to December 2025 due to a coding error in PPWC.
  • Some users experienced unauthorized transactions and have received refunds.
  • PayPal reset the passwords of affected accounts and offered two years of free credit monitoring.

Timeline of the 2026 PayPal Data Breach

According to official notifications sent to affected users, the breach began on July 1, 2025, when attackers gained access to PayPal’s system through a vulnerability in the PayPal Working Capital loan application.

The access was only stopped on December 12, 2025, meaning the potential exposure lasted for more than five months.

PayPal stated that the incident was triggered by a “code change” that created a security vulnerability. 

Although the company said its core systems were not fully compromised, the user notification mentioned “unauthorized access to PayPal’s systems.”

This difference in narrative raises questions, but one thing is clear: some customer data was indeed exposed.

What Data Was Exposed?

In this PayPal data leak case, the information potentially accessed includes:

  • Full name
  • Email address
  • Phone number
  • Business address
  • Social Security Number (SSN)
  • Date of birth

This type of data is considered sensitive, especially SSNs and dates of birth, which can be used for identity theft or highly targeted phishing attacks.

Although only around 100 users were reportedly directly affected, follow-up risks still need to be monitored.

Was Money Stolen from PayPal Accounts?

PayPal confirmed that a small number of users experienced unauthorized transactions — in simple terms, there were indications that money was stolen from certain accounts due to the illegal access.

The good news is that the company stated all unauthorized transactions have been refunded. However, users are still advised to regularly review their transaction history.

In data breach cases like this, the threat does not always stop at direct theft. 

Leaked personal data can be used for further phishing attacks or credential stuffing on other platforms.

Why Did It Take 6 Months to Detect?

One of the biggest questions in the 2026 PayPal data breach is the length of exposure.

Access began in July but was only detected in December 2025. In the cybersecurity world, a six-month exposure window is considered significant.

Although PayPal stated it immediately launched an investigation after discovering the unauthorized activity, the long detection period highlights the importance of stricter system monitoring, especially in financial services.

Steps Taken by PayPal

After identifying the incident, PayPal took several actions:

  1. Terminated the attacker’s access and fixed the code vulnerability.
  2. Reset passwords for affected PayPal accounts.
  3. Issued refunds for unauthorized transactions.
  4. Offered two years of free credit monitoring services through Equifax.

These steps are standard procedures in financial data breach cases.

What Should Users Do Now?

Even if you did not receive a notification email, preventive steps are still important:

1. Reset Your Password Immediately

Use a strong and unique password. Avoid reusing it on other platforms.

2. Enable 2FA

Two-factor authentication adds an extra layer of protection.

3. Check Transaction History

Review any suspicious activity in your PayPal account dashboard.

4. Beware of Phishing

After a PayPal data breach, waves of fake emails often appear exploiting user panic.

5. Use Passkeys If Available

Passkeys are far more secure than traditional passwords.

This Is Not the First Security Incident

PayPal previously faced a credential stuffing case in 2023 that accessed tens of thousands of accounts. In addition, various phishing campaigns using fake emails and invoices have also been reported.

This means that even though PayPal has strong security systems, global financial platforms remain prime targets for cybercriminals.

Conclusion

The 2026 PayPal data breach serves as a reminder that even the largest financial technology companies are not immune to security vulnerabilities.

Although the number of victims was relatively small and funds have been refunded, the potential risk of data misuse remains.

For users, the most important steps right now are to reset your PayPal password, enable 2FA, and regularly monitor transactions. Early prevention is always cheaper than identity recovery.

FAQ

What is the 2026 PayPal data breach?

It is a data breach incident caused by a coding error in PayPal Working Capital between July and December 2025.

What data was exposed in the PayPal breach?

Names, emails, phone numbers, business addresses, SSNs, and dates of birth were potentially exposed.

Was money stolen from user accounts?

Some users experienced unauthorized transactions, but PayPal has refunded those funds.

Do all users need to reset their PayPal passwords?

Only affected accounts were automatically reset, but all users are advised to change their passwords as a precaution.

Does PayPal offer compensation?

Yes, PayPal offers two years of free credit monitoring services through Equifax for affected users.

Disclaimer: The views expressed belong exclusively to the author and do not reflect the views of this platform. This platform and its affiliates disclaim any responsibility for the accuracy or suitability of the information provided. It is for informational purposes only and not intended as financial or investment advice.
