TIO Networks logo

PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers.

The victim of the security breach is TIO Networks, a Canadian company that runs a network of over 60,000 utility and bills payment kiosks across North America. PayPal acquired TIO Networks this past July for $238 million in cash.

On November 10, PayPal suspended the operations of TIO's network. The company admitted that a security breach took place, but did not provide any other details.

In a press release published in a late Friday afternoon news dump, PayPal provided more details about the incident.

A review of TIO’s network has identified a potential compromise of personally identifiable information for approximately 1.6 million customers. The PayPal platform is not impacted in any way, as the TIO systems are completely separate from the PayPal network, and PayPal’s customers’ data remains secure.

PayPal says the intruder(s) got access to the personal information of both TIO customers and customers of TIO billers. The company did not reveal what type of information the attacker accessed, but since this is a payment system, attackers most likely obtained both personally-identifiable information (PII) and financial details.

As data breach laws impose, PayPal has now started notifying customers and is offering free credit monitoring memberships. TIO users can also visit the TIO Networks website for more details.

Related Articles:

Timehop Security Breach Affects the Company’s Entire 21 Million Userbase

Macy’s Locks Small Number of Accounts Following Suspicious Logins, Fraud Reports

Ticketmaster Announces Data Breach Affecting 5% of All Users

Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider

Malware Infection at HR Company Triggers Flurry of Data Breach Notifications