PayPal Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating PayPal, Inc. regarding its recent data breach. The PayPal data breach involved sensitive personal identifiable information belonging to over 34,900 individuals.


PayPal is a financial technology company offering an online payment platform for businesses and individuals. Working as an intermediary between customers and businesses, PayPal processes transactions to make online purchases easier and more secure. Founded in 1998, PayPal was the product of a merger between two companies, Confinity and In 2002, PayPal was acquired by eBay for $1.5 billion with the largest shareholder at the time, Elon Musk, profiting over $175 million from the deal. Headquartered in San Jose, California, PayPal has over 30,000 employees and annual revenue of over $21 billion.


On December 20, 2022, PayPal discovered that it had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed. Through its investigation, PayPal determined that an unauthorized actor may have accessed this sensitive information between December 6 and December 8, 2022. On January 18, 2023, PayPal began contacting individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number
  • Date of birth
  • Address
  • Tax identification number

If you received a breach notification letter from PayPal:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the PayPal data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by PayPal, Inc.;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: