Prosper Marketplace Data Breach Expands to 17.6 Million Users
Investigations into the Prosper Marketplace intrusion reveal the compromise has expanded to affect approximately 17.6 million individuals, with sensitive data including names, email addresses, dates of birth, physical addresses, Social Security numbers, and financial records exposed. The intrusion appears to have been a quiet database exfiltration through unauthorized queries rather than encryption or service disruption. Prosper reports no evidence of direct customer funds theft but acknowledges the high risk of synthetic identity fraud and long-term abuse of exposed PII. The incident underscores the unique risk profile of fintech platforms where richly detailed financial and identity attributes accumulate in a single dataset. Breach response priorities include transparent victim notification, extended fraud monitoring, rapid credential rotations, and a forensic review of privileged access and query patterns to determine dwell time and extraction methods.
CORTEX Protocol Intelligence Assessment
Business Impact: Severe exposure of immutable identifiers (SSNs) materially increases identity-fraud risk for millions. Technical Context: Attackers leveraged privileged queries or compromised credentials to extract large datasets without disruption.
Strategic Intelligence Guidance
- Notify affected individuals and provide robust credit/fraud monitoring services.
- Rotate and audit all privileged credentials and service accounts.
- Harden database access controls and implement query anomaly detection.
- Coordinate with law enforcement and breach notification authorities.
Vendors
Threats
Targets
Impact
Data Volume:17.6M
Intelligence Source: Prosper Marketplace Data Breach Expands: 17.6 Million Users Impacted in Database Intrusion | Oct 24, 2025