According to a press release, the breach occurred on a platform PayPal acquired in July – TIO Networks – and prior to PayPal buying the company. TIO suspended operations last month after discovering the breach.
“PayPal did the right thing in alerting our office of the breach, and now is working with us to protect Pennsylvania consumers,” Attorney General Shapiro said. I expect other businesses that experience hacks or breaches moving forward will do the same. We will remain vigilant.”
Paypal reports that hackers may have obtained names, addresses, bank account information, Social Security numbers and login details of 1.6 million TIO users.
The company said it has reached out to billers to obtain addresses for affected consumers and it expects to mail notices to all potentially impacted consumers soon. PayPal said free credit monitoring will be provided to those affected by the breach.
TIO Networks, formerly a Canadian-based payment firm, makes digital bill payment tools for utilities and operated a network of kiosks in retail stores. Many of the consumers who use TIO’s payment methods are lower-income consumers.