Duke Energy Data Breach May Have Affected 374,000 Customers

Duke Energy, a Charlotte-based utility, may have exposed the personal information of 374,000 customers throughout the Carolinas in a recent data breach.

Casimiro PT / Shutterstock.com

Duke Energy’s official statement on the breach says the compromise may have affected customers “who paid a bill at one of the company’s 550 authorized walk-in payment processing centers between 2008 and 2017.”

Company spokesman Ryan Mosier told the Charlotte Observer that Duke Energy learned of the possible breach on Nov. 10. The breach occurred through a vendor which processes payments from Duke customers.

TIO To Blame

It wouldn’t surprise readers of the site to learn the breached vendor in question is TIO Networks. On Monday, the breach of PayPal-owned TIO Networks was revealed. PayPal purchased the payment processing company this year (PayPal’s own system was not linked to TIO, and was unaffected by the breach.)

PayPal said “approximately 1.6 million customers” were affected by the TIO breach, and it now appears that we know where roughly a quarter of those customers were located. “The customers potentially affected are in Duke Energy Carolinas’ service territory, which mostly covers the western Carolinas,” Mosier told the Observer.

Personal information exposed in the breach included names, address, and banking information. Duke Energy services about 2.5 million customers in the Carolinas, which means that about 15 percent of all the utility’s customers were affected by the breach.

More To Come

These customers should have access to the free Experian credit monitoring being offered by PayPal to victims of the TIO breach — 12 months of monitoring, or 24 months for anyone who had their social security number exposed.

Duke Energy customers will be notified of the breach directly from TIO Networks. According to the utility, the letter will contain “detailed questions and answers and a phone number for additional information.” It’s likely that we’ve only seen the tip of the iceberg regarding fallout from the TIO Networks breach, although Duke Energy’s affected customer base is a large piece of the puzzle.

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Trending News

Follow Us