Duke Energy - Carolinas says a “data compromise” could have included about 374,000 of its customers over a nearly 10-year period. The company says the data breach may include customers names, banking information, address, Duke Energy account number and balance.
In a news release, Duke says the breach affects only customers who paid their power bills by check or cash at one of its 550 authorized walk-in payment centers, which were operated by TIO Networks, between 2008-2017.
"This TIO Networks issue has possibly and unfortunately affected some of our customers, and we are doing all we can to help," said Lesley Quick, Duke Energy's vice president of revenue services. "We have remained in daily contact with our vendor since they abruptly and unexpectedly disabled their network on Nov. 10 for suspected 'security vulnerabilities.' "
Duke says customers who may have been affected by the data breach will be notified in a letter from TIO Networks– which was recently acquired by PayPal Holdings.