PayPal Holdings Inc. has revealed that its subsidiary TIO Networks Inc., was hacked and private data from 1.6 million customers was compromised.
Acquired by the payment processing giant in July 2017, TIO Networks recently suffered a massive data breach.
The incident affected 1.6 million online customers, whose personal information was compromised as a result of unauthorized access to the company’s networks.
On December 1, PayPal released a statement announcing a potential compromise of customers’ data and an update on almost a month-long suspension of TIO operations.
In the period between November 10 and December 1, the company has been investigating TIO’s security vulnerabilities. The results showed evidence of “unauthorized access to TIO’s network, including locations that stored personal information of some of TIO’s customers and customers of TIO billers.”
Personal data, physical addresses, and credit card information could all have been accessed by third-parties. However, the breach has not affected the PayPal platform:
“The PayPal platform is not impacted in any way, as the TIO systems are completely separate from the PayPal network, and PayPal’s customers’ data remains secure.”
PayPal is reported to be working with Experian, a global consumer and business credit reporting company. The goal is to make free monitoring services available to the affected consumers over the next 12 months. This effort is one of many that PayPal and TIO Networks will likely be made to earn back consumers’ trust.
While over 200 million of active PayPal accounts are safe, the TIO Networks breach is still an alarming cybersecurity issue.
Learn more in-depth about data leakage in our post What is Data Leakage and How to Prevent It?
How Can I Protect Personal Information?
The first half of this year alone saw over 1.9 billion compromised accounts. The wave of attacks on consumer services will continue, and you never know if you will become tomorrow’s news.
Regardless of the services you use, a couple of simple steps can keep you safe from hackers. While online service themselves carry a considerable degree of responsibility for your data, you are the critical link.
Without the use of unique strong passwords each site you access, your credentials are at risk. Start by reevaluating your password practices and changing logins on a regular basis.
If you choose to store your passwords, use an encrypted service such as LastPass or KeePass.
Employ two-factor authentication.
Most services allow you to confirm your login via a third-party authenticator. Make sure it is active for every sensitive account.
Be aware of the changing cybersecurity landscape, stay current with the latest news.
That way, you can develop greater understanding and awareness of the problem and lower the chances of having your data or your identity stolen.