PayPal has officially revealed a major data leak incident concerning its PayPal Working Capital (PPWC) application.
In a recently reported security issue, PayPal acknowledged that sensitive customer data was compromised for almost six months in 2025 due to a software vulnerability in one of its business financing tools.
The breach impacted users of PayPal’s Working Capital loan application, leading to the exposure of a broad spectrum of personally identifiable information, including highly sensitive details such as Social Security numbers and birth dates.
PayPal stated that the incident stemmed from a coding mistake within the PayPal Working Capital (PPWC) loan platform.
The company indicated that the data breach persisted from July 1 until mid-December 2025 before it was detected and resolved.
What should overseas Pakistanis do?
It is important to note PayPal is not currently available in Pakistan. However, Pakistanis who live abroad and use the application are advised to take the following actions:
- Enroll in credit monitoring services
- Place fraud alerts or credit freezes if necessary
- Update passwords across financial accounts
- Be cautious of unsolicited communications
PayPal’s recent announcement contributes to an expanding catalog of significant data leak events within the financial industry, emphasising the dangers linked to digital financial services in a progressively digital economy.
This occurrence brings to light persistent difficulties amid escalating security threats.
The extended period of these security issues of almost six months elicits concerns from regulators and clients about the effectiveness of detection systems and internal oversight procedures.
