Cybersecurity Incident Customer FAQs

Answers to questions regarding Prosper’s cybersecurity incident

What happened?  

Recently, we discovered unauthorized activity on our systems. As soon as we detected this, we acted quickly to stop the activity and strengthen our security measures, and we began working with a leading cybersecurity firm to investigate what happened. We also reported the incident to law enforcement and have offered our full cooperation.

There is no evidence of unauthorized access to customer accounts and funds, and our customer-facing operations continue uninterrupted. We have evidence that confidential, proprietary, and personal information, including Social Security Numbers, was obtained, including through unauthorized queries made on Company databases that store customer information and applicant data. We will be offering free credit monitoring as appropriate after we determine what data was affected. We continuously monitor accounts and have strong safeguards in place to protect customers’ funds.

The investigation is still in its very early stages, but resolving this incident is our top priority and we are committed to sharing additional information with our customers as appropriate.

Has the incident been resolved/contained?  

We have no indications of any unauthorized activity since September 2. We have enhanced monitoring of our systems and are actively pursuing the investigation, which is in its early stages. We will take further actions as the findings warrant. We also reported the incident to law enforcement and have offered our full cooperation.

Did you notify the appropriate authorities?  

Yes, we have reported the incident to law enforcement and have offered our full cooperation.

Don't you have security and other systems in place to prevent this? 

While these attacks are becoming more and more common across many industries, we have a variety of measures and technologies to prevent these types of incidents. We are enhancing our monitoring of our systems and have implemented enhanced security controls to reduce the likelihood that this happens again in the future. 

Did the threat actor have access to individuals’ or investors’ accounts?

There is no evidence of unauthorized access to customer accounts and funds, and our customer-facing operations continue uninterrupted. We continuously monitor accounts and have strong safeguards in place to protect customers’ funds.

What actions are you taking to better secure Prosper’s network in response to this incident?

Prosper has taken additional steps to deploy enhanced security controls and safeguards, and has increased and fortified monitoring and security alerting and response. As part of our ongoing security operations, we regularly review our security and privacy policies and procedures and implement changes when needed to enhance our information security and privacy programs and controls.

Why didn’t you tell us sooner?

We immediately launched our incident response efforts as soon as we learned of this unauthorized access. We have been working diligently since discovering this incident to comprehensively contain it, prevent it from impacting our customers and systems, identify the compromised data, and appropriately provide information to those whose information was impacted. We’ve prioritized providing accurate information. It takes time to investigate and remediate systems in response to a sophisticated attack like this one, and even longer to analyze exactly what information was compromised, determine who that information belongs to, and coordinate notifications.

If I have a question and want to speak to someone, who can I contact?

Please call the Prosper Incident Response Line at 833-918-9464. It is open from 8 a.m. to 5 p.m. CT Monday through Friday, excluding major U.S. holidays.

Has this impacted your ability to operate and serve customers?  

No. Customer accounts and funds are not affected, and our customer-facing operations continue uninterrupted. We continuously monitor accounts and have strong safeguards in place to protect your money.

How will this impact my application/loan/financing/transactions? 

Our customer-facing operations continue uninterrupted, and we continue to serve our customers.

Is my money safe?

Was customer data accessed or exfiltrated from Prosper? 

There is no evidence of unauthorized access to customer accounts and funds, and our customer-facing operations continue uninterrupted. We have evidence that confidential, proprietary, and personal information, including Social Security numbers, was obtained, including through unauthorized queries made on Company databases that store customer and applicant data. We will be offering free credit monitoring as appropriate after we determine what data was affected. We continuously monitor accounts and have strong safeguards in place to protect customers’ funds.

When will I receive additional information from Prosper? 

The investigation is still in its very early stages, but resolving this incident is our top priority and we are committed to sharing additional information with our customers if we determine that their information is impacted.

I believe there has been unauthorized activity in my account. Who should I contact?

Individuals should regularly monitor their accounts, and if you ever have any concerns about unauthorized activity in your account, please report security vulnerabilities or cyber-security incidents to [email protected].

If you suspect unauthorized activity in your account, please contact:

Personal Loan: [email protected] or 866-615-6319, Monday-Friday from 6 a.m. – 5 p.m. PT

Credit Card: [email protected] or 800-903-4697, Monday-Sunday from 5 a.m. – 7 p.m. PT

Home Equity: [email protected] or 800-954-2172, Monday-Friday from 7 a.m. – 4 p.m. PT

Investor Services: [email protected] or 877-646-5922, Monday-Friday 6 a.m. – 3 p.m. PT

Are my Prosper Notes safe? 

The cash balance of your Prosper investment account is FDIC insured by Wells Fargo Bank, N.A., a depository bank.

The FBO account that we maintain at Wells Fargo Bank, N.A. for the benefit of investors is FDIC-insured on a “pass through” basis to individual investors, subject to applicable limits and conditions. This means that each individual investor’s balance is protected by FDIC insurance, up to the aggregate amounts established by the FDIC. Other funds the investor has on deposit with Wells Fargo may count against the FDIC insurance limits. Prosper is not an FDIC-insured depository institution. FDIC insurance only covers the failure of Wells Fargo, the FDIC-insured depository institution.

If I want to cash out my Prosper Notes or close my account and withdraw my money, may I do so? 

Any uninvested available cash in your account is FDIC-insured and can be withdrawn whenever you wish, but your investment (principal and interest) is repaid to you over the course of the underlying loan term.

Is Prosper going to offer me free credit monitoring?

We will be offering free credit monitoring as appropriate after we determine what data was affected.

Loans

Explore

Calculators

Articles

The Prosper® Card

Explore

Articles

Home Equity

Explore

Calculators

Articles

Investing

Explore

Explore Prosper

Insurance

Tools & Resources

Company

Cybersecurity Incident Customer FAQs

Prosper

Helping people thrive

Products

Tools

Company

Support