Major Financial Data Breaches Hit France and PayPal

Two significant data breaches have impacted financial institutions. An attacker gained access to a French national database listing all bank accounts, exfiltrating 1.2 million records by exploiting a web-facing vulnerability. Separately, a major security flaw in a PayPal loan application exposed user data including social security numbers and resulted in direct cash theft.

- The French breach involved an attacker using a government official's stolen credentials to access FICOBA, the national database of all bank accounts maintained by the French Public Finances Directorate (DGFIP). This allowed them to view account holder identities, addresses, and in some cases, tax identification numbers.
- While 1.2 million French bank accounts were viewed, authorities state the attacker could not see account balances or initiate transactions, though the data could be used for sophisticated phishing or identity theft schemes.
- This incident follows a massive breach in France's healthcare payment sector where two firms, Viamedis and Almerys, were hit by a cyberattack exposing the data of 33 million people—nearly half the country's population.
- The PayPal vulnerability was not a system-wide breach but a specific coding error in its Working Capital (PPWC) loan application, a service that provides financing to small businesses.
- The flaw was active for nearly six months, from July 1, 2025, to December 13, 2025, before being discovered and remediated by PayPal.
- For the approximately 100 customers affected, the exposed data included names, business addresses, and Social Security numbers. PayPal confirmed that "a few" of these customers had unauthorized transactions and has since issued refunds.
- In response, PayPal rolled back the flawed code change, reset passwords for all impacted accounts, and offered two years of free credit monitoring services through Equifax.
- This is not the first security incident for the fintech giant; in January 2023, PayPal disclosed that a credential stuffing attack had compromised nearly 35,000 user accounts.
