Prosper Data Breach Exposes 17.6 Million Records, Says Security Expert Troy Hunt

Peer-to-peer (P2P) lending company Prosper has reportedly fallen victim to a significant cyberattack, during which malicious actors compromised and exfiltrated highly sensitive personal data belonging to over 17 million individuals.

 

Founded in 2005, Prosper functions as a peer-to-peer lending marketplace that has facilitated over $30 billion in loans for more than 2 million customers.

 

In a data security incident notice published on its website, Prosper said that on September 2, the company detected suspicious activity within its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected platform and notified relevant law enforcement authorities about the same.

 

“We have evidence that confidential, proprietary, and personal information, including Social Security Numbers, was obtained, including through unauthorised queries made on Company databases that store customer information and applicant data.

 

“There is no evidence of unauthorised access to customer accounts and funds, and our customer-facing operations continue uninterrupted,” Prosper said.

 

The company stated that since September 2, it has found no indications of unauthorised activity. However, it has strengthened system monitoring and is actively conducting an investigation, which remains in its early stages.

 

Recently, the data breach repository Have I Been Pwned revealed that the incident compromised 17.6 million account records, including names, addresses, IP addresses, email addresses, dates of birth, government IDs, employment statuses, income levels, credit statuses, and browser user agent details.

 

In response to these claims, a company spokesperson said in a statement to the media that the company is aware of the report by Have I Been Pwned.

 

“The investigation to determine what data was affected and to whom it belongs remains ongoing. We will be offering free credit monitoring as appropriate after we determine what data was affected,” the Prosper spokesperson added.