Prosper Data Breach Exposes 17.6 Million Accounts
▼ Summary
– Hackers breached Prosper’s systems and stole personal information affecting over 17.6 million people, as reported by Have I Been Pwned.
– Prosper is a peer-to-peer lending marketplace that has facilitated over $30 billion in loans for more than 2 million customers since 2005.
– The breach was detected on September 2, but there is no evidence that attackers accessed customer accounts or funds.
– Stolen data includes Social Security numbers, names, government IDs, employment status, income levels, and other personal details.
– Prosper is investigating the incident, collaborating with law enforcement, and will offer free credit monitoring once the affected data is determined.
A significant data breach at the financial services firm Prosper has compromised the personal details of approximately 17.6 million individuals, raising serious concerns for customers and loan applicants. The peer-to-peer lending platform, which has facilitated over $30 billion in loans for more than two million customers since 2005, detected the security incident on September 2. While Prosper confirmed the breach a month ago, it maintains that there is no evidence of unauthorized access to customer accounts or funds.
The company acknowledged that attackers successfully exfiltrated sensitive data belonging to both current customers and individuals who had applied for loans. Social Security numbers were definitively exposed, though the full scope of the compromised information remains under investigation. Prosper has not yet released a complete list of the affected data types as its internal review continues.
Despite the severity of the breach, Prosper assured the public that its customer-facing operations were not disrupted. The company has notified relevant authorities and is working closely with law enforcement agencies to investigate the attack’s origins and methods. In an official statement, Prosper confirmed that “confidential, proprietary, and personal information, including Social Security Numbers, was obtained” through unauthorized queries on company databases storing customer and applicant information.
The lending platform emphasized that resolving this incident is its highest priority. It has committed to providing additional updates to customers as the investigation progresses and will offer free credit monitoring services once the extent of the data exposure is fully understood.
While Prosper itself did not initially disclose the number of affected individuals, the data breach notification service Have I Been Pwned revealed the massive scale, reporting that 17.6 million unique email addresses were impacted. According to their findings, the stolen data also includes names, government-issued identification details, employment status, credit information, income levels, dates of birth, physical addresses, IP addresses, and browser user agent data.
When questioned about these findings, a Prosper spokesperson acknowledged awareness of the report but stated the company “is not able to validate” its specifics. The spokesperson reiterated that the investigation into what data was affected and which individuals were impacted remains active. Prosper again confirmed its intention to provide free credit monitoring services once the investigation determines the precise nature of the compromised information.
(Source: Bleeping Computer)
