Duke Energy Carolinas customers who paid a bill at one of the company’s 550 authorized walk-in payment processing centers between 2008 and 2017 may be affected by a potential compromise of personally identifiable information.
The announcement was made by PayPal Holdings, who recently acquired TIO Networks, which is the company who owns the network used to process payments made at those locations, according to a news release.
TIO Networks will begin notifying anyone whose information they believe may be included in the potential compromise, including approximately 374,000 Duke Energy Carolinas customers, who may be affected. The letter will come directly from TIO Networks and will include detailed questions and answers and a phone number for additional information, the release said.
Duke Energy said its systems were not affected.
“This TIO Networks issue has possibly and unfortunately affected some of our customers, and we are doing all we can to help,” said Lesley Quick, Duke Energy’s vice president of revenue services, in the release. “We have remained in daily contact with our vendor since they abruptly and unexpectedly disabled their network on Nov. 10 for suspected security vulnerabilities.”
This issue only affects customers who paid by check or cash at an authorized walk-in payment processing center, and not customers who paid via credit card or another form of payment. The personally identifiable information that may have been compromised includes, name, address, Duke Energy account number and balance, and banking information, if a customer paid by check.
Duke Energy Carolinas customers can continue to make payments in person at any Western Union location -- an agreement that Duke Energy established shortly after TIO Networks suspended the payment system -- or can pay by check, debit or credit card online or by calling 800-777-9898.
Customers who believe they may be impacted or have questions should visit TIO Networks for more information.