Eight years after Venmo's privacy flaws were first exposed in 2018, PayPal is finally addressing the issue. The digital payment platform had exposed user transactions and messages by default, creating significant privacy concerns. A security researcher demonstrated how the API could obtain alarming amounts of personal data about users.

The public settings revealed embarrassing information, including a cannabis dealer's transactions and a couple's relationship drama. The problem resurfaced in 2024 when JD Vance's public Venmo account showed connections to the "elite" he claimed to oppose, including GOP heavyweights and tech executives.

Venmo is now testing a major redesign that will set new users' posts to "friends only" by default. While the setting can be adjusted to "just me," it remains unclear if contacts will remain public. The updated app will roll out over the coming weeks, addressing a privacy concern that has persisted for nearly a decade.