Hackers stole the personal information of more than 17.6 million people after breaching systems at Prosper, a peer-to-peer lending marketplace that has helped more than 2 million customers obtain over $30 billion in loans since 2005, according to the article.
Prosper said the incident was detected on September 2 and was publicly disclosed one month ago. The company said it has not found evidence that attackers accessed customer accounts or funds and that the investigation is ongoing.
Data breach notification service Have I Been Pwned revealed the extent of the incident and reported the breach affected 17.6 million unique email addresses. The service said the stolen information includes names, government-issued IDs, employment and credit status, income levels, dates of birth, physical addresses, IP addresses, browser user agent details and Social Security numbers.
Prosper said it cannot yet confirm exactly which data elements were affected and that it will offer free credit monitoring as appropriate after determining the scope. The company said the breach did not impact its customer-facing operations and that it has reported the incident to relevant authorities and is cooperating with law enforcement.
A Prosper spokesperson told the reporting outlet the company is aware of the Have I Been Pwned report but is not able to validate it, and reiterated that the investigation remains in its early stages and that Prosper will share additional information with customers as appropriate.