Prosper data breach impacts 17.6 million accounts

Hackers stole the non-public data of over 17.6 million folks after breaching the programs of economic companies firm Prosper.

Prosper operates as a peer-to-peer lending market that has helped over 2 million prospects safe greater than $30 billion in loans since its founding in 2005.

As the corporate disclosed one month in the past on a devoted web page, the breach was detected on September 2, however Prosper has but to search out proof that the attackers gained entry to buyer accounts and funds.

Nevertheless, the attackers stole information belonging to Prosper prospects and mortgage candidates. The corporate hasn’t shared what data was uncovered past Social Safety numbers as a result of it is nonetheless investigating what information was affected.

Prosper added that the security breach did not affect its customer-facing operations and that it has reported the incident to related authorities and is collaborating with legislation enforcement to analyze the assault.

“We’ve got proof that confidential, proprietary, and private data, together with Social Safety Numbers, was obtained, together with by unauthorized queries made on Firm databases that retailer buyer data and applicant information. We might be providing free credit score monitoring as acceptable after we decide what information was affected,” the corporate says.

“The investigation remains to be in its very early levels, however resolving this incident is our prime precedence and we’re dedicated to sharing extra data with our prospects as acceptable.”

Whereas Prosper did not share what number of prospects had been affected by this data breach, data breach notification service Have I Been Pwned revealed the extent of the incident on Thursday, reporting that it affected 17.6 million distinctive electronic mail addresses.

The stolen data additionally consists of prospects’ names, government-issued IDs, employment standing, credit score standing, revenue ranges, dates of delivery, bodily addresses, IP addresses, and browser person agent particulars.

When BleepingComputer reached out to Prosper with questions concerning the incident, a spokesperson stated the corporate is conscious of Have I Been Pwned’s report however “will not be in a position to validate” it.

“The investigation to find out what information was affected and to whom it belongs stays ongoing. We might be providing free credit score monitoring as acceptable after we decide what information was affected,” the Prosper spokesperson added.