PayPal says that its payment processing service was hit by a data breach last year that compromised the personal information of some of its customers.
The company says the breach affected the personal details of approximately 40 million people.
The breach was not directly tied to the company’s payment processor, but it was a matter of concern, the company said.
PayPal says the company is working to address the breach and to better protect its data, including the use of password-protected login accounts and a better process for verifying a payment’s validity.
PayPal was the victim of a similar data breach in December, which compromised the financial information of nearly 1.4 million customers, including those who were not PayPal customers.
A spokesman for PayPal did not immediately respond to a request for comment on Friday.
The firm says that a new, more secure payment system will be launched later this year and that it has implemented several security improvements in the wake of the breach.
PayPal’s breach occurred in early 2017, just as the company was trying to ramp up its payment services.
Since then, the number of payments processed by PayPal has more than tripled, reaching nearly $1 billion in 2017.
The company says it has been working with law enforcement to determine who was responsible for the breach, and has taken steps to secure sensitive customer information.
In a blog post, PayPal said that it is investigating “multiple leads” in the breach of its data and that the company has launched a “proactive” investigation.
Read more: Payment companies hit with breach attack on personal informationPayPal is no stranger to data breaches.
The payment processor was also hit by cyberattacks in late 2017, and its credit card processing system was hit in early 2018.
Earlier this month, the New York-based payment processor said that the credit card numbers of some customers had been compromised.