PayPal (PYPL.O) has agreed to pay a $2 million civil penalty after a cybersecurity failure that resulted in the exposure of customers’ Social Security numbers, New York’s Financial Services Superintendent, Adrienne Harris, announced on Thursday.
This settlement comes after an investigation revealed that PayPal had not employed adequately trained personnel to oversee crucial cybersecurity functions. The company also failed to provide the necessary training to manage cybersecurity risks effectively.
As a result of these shortcomings, sensitive customer information, including Social Security numbers, was left vulnerable and accessible to cybercriminals.
