More than 17 million people are believed to have been impacted by a major data breach at Prosper, a peer-to-peer lending marketplace, according to breach notification platform Have I Been Pwned.

Prosper confirmed the breach last month, revealing that cybercriminals infiltrated its network and extracted confidential, proprietary, and personal data from its systems.

The company explained that the attackers accessed a database containing customer and applicant information, querying it to exfiltrate sensitive data. However, Prosper emphasized that user accounts and funds were not compromised.

“There is no indication of unauthorized access to customer accounts or funds, and our operations remain fully functional,” Prosper stated.

According to the firm, the incident has been contained, and no further unauthorized activity has been detected since September 2. Law enforcement agencies have been informed of the intrusion.

Although Prosper did not disclose the full scope of the compromised information—aside from confirming that Social Security numbers were exposed—Have I Been Pwned has incorporated the stolen data into its database, enabling affected users to verify their status.

The breach notification platform reported that the leaked dataset includes details from roughly 17.6 million Prosper accounts, containing names, addresses, IP addresses, email addresses, dates of birth, government IDs, employment information, income levels, credit ratings, and browser user agent strings.

Prosper stated that the investigation remains ongoing as it works to fully assess the compromised data, identify affected individuals, and coordinate notifications.

“We plan to offer complimentary credit monitoring once the scope of affected data is determined. Our team continues to closely monitor all accounts and maintain robust security measures to protect customer assets,” the company said.