Security & Fraud

PayPal’s TIO Network Breach Said To Impact 1.6M Customers

PayPal disclosed late last week that the personal information of around 1.6 million users may have been compromised at its TIO Networks unit, a company it acquired earlier in 2017.

According to a news report in The Wall Street Journal, in November PayPal suspended the operations of TIO Networks, which makes digital bill payment tools for companies and operates kiosks in retail stores. PayPal said it was looking into the vulnerabilities at TIO and discovered that users’ information may have been compromised.

A PayPal spokesman told the paper that the data that may have been impacted included names, addresses, bank account details, Social Security numbers and login information. How much of those details fell into the hands of cybercriminals depends on how many of TIO’s services the consumers used. Reportedly, one of TIO’s services had all of the customer data exposed, and the payments company hasn’t yet found any evidence that any of the information was taken outside of TIO.

The New York State Department of Financial Services told The Journal that it is working with the company to “investigate and address issues related to cybersecurity vulnerabilities.”

The potential data hack at TIO comes a few months after Equifax announced a massive data breach that impacted 145.5 million consumers, including the credit card numbers of 209,000 people.

PayPal paid around $238 million to acquire TIO in July, with the goal of reaching more consumers who don’t have traditional financial accounts. For TIO consumers who were affected by the data breach, PayPal is offering free credit monitoring services via Experian.

——————————

PYMNTS LIVE ROUNDTABLE: TUESDAY, JULY 14, 2020 AT 12:00 PM (ET)

Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

TRENDING RIGHT NOW