The popular internet payment firm, Paypal, revealed the data breach a month after their TIO Network was discovered to carry security flaws.
Paypal recently confirmed that their newly-acquired firm, TIO Networks, previously fell victim to a damaging data breach which affected over 1.6 million of its users. The Canada-based TIO Networks was acquired by the internet payment giant, Paypal in July earlier this year for $238 million. TIO Networks acts as a payment processor and boasts over 60,000 kiosks dedicated to utility payments and other bills located across the United States and Canada.
Last week, Paypal confirmed that following an internal review of TIO Network, they discovered evidence which suggested that TIO Network users were affected by a massive data breach. The breach, which has affected an estimated 1.6 million users, contained personal information, including the locations which stored their personal data. Both customer and billing companies have been affected.
To date, Paypal has not yet confirmed how the data breach was orchestrated, neither have they confirmed the exact details which were exposed to the hackers.
However, the company did emphasize that no Paypal user has been affected by the breach. Paypal stated that the Paypal and TIO systems were completely separate and that Paypal users’ data was still secure.
Notably, the company released a statement last month which announced its suspension of their newly-acquired TIO operations after discovering security flaws which could compromise its users’ security. Paypal noted that TIO Network’s security policies were not in compliance with Paypal’s own security standards.
In this statement, the company apologized to TIO users for the inconvenience caused by this decision and emphasized that the user base’s security protection was their top priority.
At the moment, TIO Network is engaged with notifying their affected users. In addition, Paypal has partnered up with Experian, the consumer credit reporting agency, in order to offer affected users a free credit monitoring service.
The company confirmed that all affected users will receive a notification via email as well as instruction on signing up for the credit monitoring membership. In addition, the company added that they will refrain from restoring TIO Network in full until such time that they feel confident in the system’s security protection capabilities.
TIO stated that they are currently unable to provide their users with a timeline for the restoring of the service, and urged users to contact their billers and arrange alternative payment methods. TIO also apologized to their users for the inconvenience caused by their platform disruption.