PayPal, the payment platform that ceased operations in Turkey years ago, has been in the news after it was alleged that data belonging to approximately 16 million users was leaked. According to allegations circulating on a hacker forum, the platform’s user data was stolen in a cyberattack in May 2025 and offered for sale.

PayPal account information may have been stolen

The hackers state that the compromised data included user email addresses and passwords. It is also alleged that the leaked passwords are still being used. Cybersecurity experts, however, point out that the fee demanded by the hackers is quite low for such a large data set and call the allegations questionable.

After the post on the hacker forum went viral, PayPal officials released a statement. The statement stated that no cyberattack or data breach occurred during the alleged dates. PayPal stated that the incident raised by the hackers was a previous incident that occurred in 2022 and affected approximately 35,000 accounts. The company announced that all necessary precautions were taken for the affected accounts at the time.

This incident, which implicated PayPal, one of the world’s most popular platforms, has once again highlighted the importance of personal data security on online platforms. To avoid such situations, cybersecurity experts advise users to use strong, unique passwords and avoid entering personal data on untrusted websites.