Recent Cybersecurity Breaches in Financial Services
Two significant cybersecurity incidents have unfolded in the financial services sector, revealing vulnerabilities that have compromised the personal information of millions. These breaches, involving Prosper Marketplace and 700Credit, underscore the ongoing risks in the fintech landscape and the credit reporting ecosystem.
Prosper Marketplace Cybersecurity Breach
Prosper Marketplace, a San Francisco-based fintech company, recently confirmed a serious cybersecurity breach that has impacted approximately 13.1 million individuals. Unauthorized activity was detected in Prosper’s systems on September 1, 2025, prompting an immediate investigation. This examination revealed that the attackers had gained access to sensitive data between June and August of the same year.
In an official statement, Prosper acknowledged the breach, stating, “On September 1, 2025, Prosper discovered unauthorized activity on our systems. We acted swiftly to stop this activity and to bolster our security measures while engaging a leading cybersecurity firm for further investigation.”
While the company noted that there was no indication of unauthorized access to customer accounts or their funds, the attackers still managed to obtain a significant amount of sensitive personal and financial information. This compromised data includes names, Social Security numbers, national ID numbers, dates of birth, bank account information, Prosper account numbers, financial application details, driver’s license numbers, passports, tax information, and payment card numbers.
Impact Across States
Regulatory filings reveal the widespread nature of this breach, with over 1.1 million individuals affected in Texas alone, followed by 236,000 in South Carolina and 249,000 in Washington state. In response to the breach, Prosper has begun notifying those impacted and is providing two years of credit monitoring and identity restoration services via Experian. Additionally, the company has informed law enforcement and implemented enhanced security measures to prevent future incidents.
Founded in 2005, Prosper is well-known for its peer-to-peer lending platform, which has facilitated over $28 billion in loans for more than 2 million customers. Besides personal loans, Prosper also provides home equity loans, lines of credit, and credit card offerings.
700Credit Breach Affects Millions
In a separate incident, 700Credit, based in Michigan, reported a data exposure impacting 5,836,521 individuals. Discovered on October 25, 2025, the breach was detected by the company’s IT team, which identified unauthorized access to its systems.
700Credit primarily delivers credit reports, compliance solutions, identity verification, and fraud detection services to car dealerships across the United States. The attackers reportedly copied data stored within 700Credit’s systems, leading to the exposure of names, Social Security numbers, dates of birth, and physical addresses.
As part of their response, 700Credit plans to file a consolidated breach notice with the Federal Trade Commission (FTC) on behalf of its dealership clients, once the agency grants approval. The company stated, “We promptly notified the FBI and the FTC, confirming that 700Credit’s filing is sufficient for all dealers to meet FTC notification obligations. Additionally, we will inform State Attorney General offices on behalf of these dealerships.”
Dealers impacted by this breach will also notify affected consumers and offer credit monitoring services. However, dealerships still have a responsibility to comply with state-level breach notification requirements, which aren’t affected by the FTC’s decision.
The Growing Threat to Financial Services
The cybersecurity incidents involving Prosper and 700Credit come on the heels of another breach at SitusAMC, a company relied upon by major banks for real estate loan services. That incident, identified on November 12, 2025, involved the theft of accounting records and legal agreements.
These escalating cybersecurity challenges highlight a troubling trend: as the financial services sector continues to store vast amounts of sensitive consumer data, it becomes an increasingly attractive target for cybercriminals. While no specific group has claimed responsibility for the breaches at Prosper or 700Credit, the potential for identity theft, financial fraud, and long-term consumer risk is significant.
Both Prosper and 700Credit have urged those affected to stay vigilant, monitor their credit reports, and report any unusual activities they may encounter. As incidents like these continue to unfold, the importance of robust cybersecurity measures becomes ever more critical for financial service providers.
