- Peer-to-peer lending platform Prosper has been hit by a data breach
- 17.6 million people are thought to be affected in the breach
- The affected information includes SSNs, addresses, and income levels
Over 17.6 million people have reportedly had their personally identifiable information (PII) compromised by hackers after peer-to-peer lending service Prosper was targeted in a significant cyberattack.
As revealed by notification site Have I been Pwned, the breach was first revealed in September 2025, when Prosper confirmed it had discovered unauthorized activity on its systems.
This led to the exposure of PII including, but not limited to, Social Security numbers, IP addresses, physical addresses, Government issued IDs, income levels, and email addresses.
Official IdentityForce® | Identity Theft Protection – save up to 68% annually
Many people don’t know how to protect their ID. Don’t be one of them. Get your ID Action Plan here. Get a personalized step-by-step Action Plan & ID Safety Score based on YOUR dark web hits.View Deal
Unauthorized access
As ever, those affected in this incident are at risk of identity theft, as criminals may leverage their personal details to take out loans or credit cards in their name. However, with a breach involving information like IDs, addresses, employment statuses, and income levels – they could also be at risk of incredibly sophisticated social engineering attacks, fraud, or even physical theft.
TechRadar Pro has reached out to Prosper to try and confirm the validity of the 17.6 million figure, but we have yet to receive a response. The figure, whilst definitely significant, doesn’t come close to topping the tables – with several recent incidents claiming to affect over a billion records.
The company has confirmed it will offer free credit monitoring ‘as appropriate’ once it determines what data was affected, and will monitor accounts with safeguards in place to protect customer funds.
The company has reassured customers that their financial accounts were not accessed, and that it is fully cooperating with law enforcement as it investigates the incident.
“There is no evidence of unauthorized access to customer accounts and funds, and our customer-facing operations continue uninterrupted. We continuously monitor accounts and have strong safeguards in place to protect customers’ funds,“ the company confirmed in their dedicated FAQs page.
“While these attacks are becoming more and more common across many industries, we have a variety of measures and technologies to prevent these types of incidents. We are enhancing our monitoring of our systems and have implemented enhanced security controls to reduce the likelihood that this happens again in the future.”
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
You might also like
- Take a look at our picks for the best malware removal software around
- Check out our choice for best antivirus software
- Attackers claim they hacked Nissan’s design studio and stole 4TB of data
