PayPal Data Breach Led to Fraudulent Transactions

In a statement to the media, PayPal said it notified the roughly 100 customers affected by the incident, but noted that its “systems were not compromised.”This contradicts the official notification to affected users, which states that it “terminated the unauthorized access to PayPal’s systems” after detecting the breach.SecurityWeekhas reached out to PayPal for clarification.Related:French Government Says 1.2 Million Bank Accounts Exposed in BreachRelated:PayPal Phishing Campaign Employs Genuine Links to Take Over AccountsRelated:Malicious NPM Packages Target Cryptocurrency, PayPal Users

This contradicts the official notification to affected users, which states that it “terminated the unauthorized access to PayPal’s systems” after detecting the breach.SecurityWeekhas reached out to PayPal for clarification.Related:French Government Says 1.2 Million Bank Accounts Exposed in BreachRelated:PayPal Phishing Campaign Employs Genuine Links to Take Over AccountsRelated:Malicious NPM Packages Target Cryptocurrency, PayPal Users

SecurityWeekhas reached out to PayPal for clarification.Related:French Government Says 1.2 Million Bank Accounts Exposed in BreachRelated:PayPal Phishing Campaign Employs Genuine Links to Take Over AccountsRelated:Malicious NPM Packages Target Cryptocurrency, PayPal Users

Related:French Government Says 1.2 Million Bank Accounts Exposed in BreachRelated:PayPal Phishing Campaign Employs Genuine Links to Take Over AccountsRelated:Malicious NPM Packages Target Cryptocurrency, PayPal Users

Related:PayPal Phishing Campaign Employs Genuine Links to Take Over AccountsRelated:Malicious NPM Packages Target Cryptocurrency, PayPal Users

Related:Malicious NPM Packages Target Cryptocurrency, PayPal Users

Eduard Kovacs (@EduardKovacs) is the managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise.

SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats.

Wealth management platform Envestnet announced the appointment of Rich Friedberg as CISO.

Source: SecurityWeek