PayPal Holdings, Inc. PYPL shares are trading lower on Thursday.
The company is facing a $2 million penalty from the New York State Department of Financial Services following violations of the state’s cybersecurity regulations.
The DFS found that PayPal had failed to adequately manage key cybersecurity functions and did not provide proper training for its personnel to address cybersecurity risks.
These shortcomings allowed cybercriminals to access sensitive customer information, including social security numbers.
The investigation revealed that PayPal did not employ qualified cybersecurity staff and lacked the necessary procedures to safeguard sensitive data, leaving the information exposed.
According to Benzinga Pro, PYPL stock has gained over 37% in the past year. Investors can gain exposure to the stock via Global X FinTech ETF FINX.
Also Read: Stargate Project: Microsoft Gains, Oracle Waits, Data Centers Face Long-Term Questions
Additionally, PayPal did not enforce adequate security measures like multifactor authentication or rate-limiting to prevent unauthorized access. The failure occurred when teams tasked with making IRS Form 1099-Ks more widely accessible did not follow proper procedures, which allowed compromised credentials to exploit the system.
PayPal has since remediated these issues, improving its cybersecurity practices.
The DFS emphasizes the importance of having qualified cybersecurity personnel and implementing robust security policies to protect customer data.
Since March 2017, the Department’s Cybersecurity Regulation has been in effect and the second amendment to these regulations took effect in November 2023.
Price Action: PYPL shares are trading lower by 1.12% to $88.84 at last check Thursday.
Read now:
Image via Shutterstock.
This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
Market News and Data brought to you by Benzinga APIs
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
