Global payments company PayPal disclosed that 1.6 million customers of TIO Networks may have been affected due a security breach. TIO Networks is a bill payments processor and PayPal had acquired the company in July 2018 for $238 million. In November, the company suspended TIO Networks’ operations after it discovered vulnerabilities on the platform.

PayPal said that personally identifiable information could be compromised due to the security breach but did not disclose the nature of the information. However, the company said that the main PayPal platform was not affected due to the breach.

“TIO has also begun working with the companies it services to notify potentially affected individuals, and PayPal is working with a consumer credit reporting agency to provide free credit monitoring memberships. Individuals who are affected will be contacted directly and receive instructions to sign up for monitoring,” the company said.

It added that is investigating the breach and it has identified evidence of unauthorized access to TIO’s network, including locations that stored personal information of some of TIO’s customers and customers of TIO billers. Meanwhile, PayPal said that the investigation will include TIO’s practices and representations before the acquisition.

Increasing data breaches

  • Earlier this week, image sharing community Imgur notified users of a potential data breach which occurred in 2014 which affected 1.7 million accounts.
  • Earlier this month, Uber reported a security breach which occurred in November 2016 which affected more than 57 million drivers and riders. Personal information such as names, email addresses, and phone numbers were compromised.
  • In September, Instagram reported a security breach to users and said that people’s email address and phone number could be accessed via a bug.
  • In October, Yahoo reported that all 3 billion user accounts had been breached during the August 2013 data theft, which is three times the initial 1 billion affected accounts figure the company had reported.
  • Meanwhile in the US and UK, American credit rating agency Equifax disclosed that it had several security breaches which affected more than 143 million users and Social Security Numbers (SSNs) of American citizens, driving license numbers, and a couple hundred thousand credit card numbers, among other documents were compromised. Subsequently, it came to light that personal and financial data of around 400,000 Britons and unspecified data of about 100,000 Canadians had also been part of the leak.