Africa-Press – Tanzania. Payments giant PayPal has disclosed a data exposure incident affecting a portion of its customers after a coding flaw in one of its business financing tools left sensitive information accessible for months.
According to TechRadar, the vulnerability was found in its PayPal Working Capital (PPWC) loan application, a product that offers eligible businesses cash advances based on their PayPal sales history.
Techradar reported that the issue was identified on December 12, 2025, but had been present since July 1, potentially exposing user data for more than five months.
The publication indicated that the bug may have exposed a range of personally identifiable information, including names, email addresses, phone numbers, business addresses, Social Security numbers and dates of birth.
Security experts note that such data combinations can significantly increase the risk of targeted phishing attacks and identity fraud if misused.
In notifications sent to affected users, PayPal acknowledged that a small number of customers experienced unauthorised activity on their accounts during the exposure window.
The company did not disclose how many users were impacted, but said access linked to the flaw has since been shut down and affected customers reimbursed.
PayPal also confirmed that passwords for impacted accounts were reset and the problematic code change was reversed.
“We have not delayed this notification as a result of any law enforcement investigation,” the company said.
Recognising the sensitivity of the exposed data, PayPal is offering two years of complimentary credit monitoring and identity restoration services through Equifax, a step commonly taken following breaches involving personal data.
The company urged customers to remain cautious, particularly regarding unsolicited emails, suspicious links or unexpected attachments, as fraudsters often exploit breach-related anxiety to launch phishing campaigns.
The full scope of the incident, including the exact number of affected users, has not yet been publicly disclosed.
PayPal is one of the world’s largest digital payments platforms, enabling individuals and businesses to send, receive and manage money electronically across borders.
Founded in the United States, the fintech firm operates as an online intermediary that allows users to make payments without directly sharing their bank or card details with merchants. The service has become widely used in e-commerce, freelancing and international money transfers.
To use PayPal, customers create an account and link it to a bank account, debit card, credit card or maintain funds in a PayPal wallet. Payments can then be made on supported websites and applications with a few clicks.
For businesses, PayPal provides merchant tools that enable companies to accept customer payments online, manage transactions and access working capital products based on their sales history.
