More Than 1.8 Million Affected in Prosper Marketplace Data Security Incident

Peer-to-peer lending firm Prosper Marketplace disclosed that a data security incident earlier this year resulted in the exposure of sensitive personal information for more than 1.8 million people in the United States.

 

Founded in 2005, Prosper functions as a peer-to-peer lending marketplace that has facilitated over $30 billion in loans for more than 2 million customers.

 

In a data security incident notice published on its website, Prosper said that on September 2, the company detected suspicious activity within its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected platform and notified relevant law enforcement authorities about the same.

 

Prosper said its investigation found that unauthorised queries were made on company databases holding customer and applicant information, resulting in the exposure of confidential, proprietary, and personal data such as Social Security numbers, while stressing that customer accounts and funds were not accessed and normal operations continued without disruption.

 

Data breach repository Have I Been Pwned reported that the incident exposed 17.6 million applicant and customer account records, including names, addresses, IP addresses, email addresses, dates of birth, government identification numbers, employment and income details, credit status information, and browser user-agent data. 

 

The company recently notified multiple state regulators, reporting that the incident affected at least 1,837,257 individuals, including 1,161,581 in Texas, 189,828 in Massachusetts, 249,848 in Washington, and approximately 236,000 in South Carolina.

 

The fintech company has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

 

It has also offered two years of complimentary identity protection and credit monitoring services through Experian to all affected individuals.