TIO Networks, a Canada-based subsidiary of PayPal that offers digital payments services, has experienced a security breach in which the data of nearly 1.6 million users has been accessed by third parties who were able to enter the server that stores the information.
The firm, acquired by PayPal at the cost of $233 million earlier this year, operates independently from PayPal which is currently the world’s largest payment processor, with over 218 million users from different regions across the globe.
Last month, PayPal announced through a press release that it would temporarily put a halt to its operations with the company.
PayPal further clarified that its servers were not compromised since they are separate from the ones used by TIO. For this reason, its customers are not victims of the said data breach.
Despite this, PayPal decided it is to the best of its interest to completely cut ties with the subsidiary pending investigations into the matter.
The probes are meant to dig deeper into checking the depth of the breach as well as the vulnerabilities in the TIO platform.
In the press release, PayPal acknowledged the fact that that the security structure of TIO does not meet the security standards of PayPal.
And for this reason, the company finds the need to hire a cybersecurity group to look into the matter and further tabulate a comprehensive report.
Of course, the report will be used to determine the causes, the perpetrators and also the measures to put in place to prevent the occurrence of such in the future.
So far, the investigations have confirmed that indeed the company was hacked and that the names of customers and their Social Security Numbers (SSN), as well as addresses and login credentials, were in the hands of the third party.
But since efforts are ongoing to determine the way forward, it is still not clear the period it will take until TIO Networks resumes its operations with PayPal and its other clients.
Such information is highly confidential and may bring about privacy and security concerns to an individual, since it furthers the chances of identity theft if the data is in the wrong hands.
With increasing rates of digital identity theft happening around the world, one has to worry if users of payments services like PayPal will fall victim to such types of hacks since their details can easily get disposed for less than $10 on the dark web.
TIO itself suspended operations further to protect their clients after the breach. It is during this time that a thorough analysis of the breach took place.
Following an analysis of the magnitude of the breach, the company took measures such as notifying its partners and customers to advise them accordingly. TIO even contacted the credit reporting center Experian, which implies that the possibility of identity theft is imminent.
It is possible for third parties to obtain credit information of various accounts. More so, the affected individuals will get credit monitoring updates for free to ensure they are not victims of fraud.
TIO also put up a helpline for its customers to use in the event they need to inquire about something relating to the breach and how to further protect themselves.
Through press release and emailing clients, the firm aims to notify all the customers of the breach and to continue working hand-in-hand with them.
Other measures the customer is advised to take include placing a fraud alert with the respective government agencies, closing certain accounts, acquiring identity theft insurance and, last but not least, reporting any suspicious activity that may happen in their accounts.
These actions aim to prevent or somewhat minimize the effect the breach has on a victim.
As the current situation stands, the identity and motive of the hackers behind the data theft remains unknown. But by the time investigations come to a close, then hopefully all these details will become available.
The acquisition of TIO Networks by PayPal was meant to bring more clients and expand the tech giant’s services, which has also acquired companies that offer money transfer services such as Venmo, Xoom and others.
The different types of businesses acquired by PayPal shows that the money transfer company is keen and focused on expanding its customer base to ensure that persons in various parts of the world can receive and send money irrespective of their location.
It is perhaps the reason why PayPal enables persons to transact funds in over 100 currencies from across the globe.
Depending on the location of the receiver and sender as well as the reason for the money transfer, the company will provide convenient means to move funds or make online purchases.
And what’s more, they offer buyer and seller protection, depending on the type of business or the reason for sending funds.
However, the convenience offered by PayPal has provided cybercriminals with a perfect hub of obtaining illegal funds from different sources such as credit cards stolen from the dark web or hacked PayPal accounts, among other ways.
This is not the first time that a breach of such magnitude is occurring. Major companies have become a target for hackers due to the impact they have across the globe.