The network, a publicly traded payment processor PayPal acquired in July 2017, has been suspended as part of an ongoing investigation of security vulnerabilities.
Following PayPal's purchase of the Canadian company - which runs a network of over 60,000 utility and bills payment kiosks across North America - it found evidence of unauthorized access to TIO's networks and hence suspended TIO's operations.
Ryan Mosier said a vendor who owns one of the networks Duke Energy uses to process customer payments in walk-in locations announced on December 1 that they had identified a potential breach that exposed approximately 1.6 million of their customers, including 374,000 Duke Energy customers. It added that TIO's services "will not be fully restored until we are confident in the security of the TIO systems and network".
In yet another data breach of the year, PayPal has admitted that it was an indirect victim of a security breach that resulted in the leak of over 1.6 million customers' data.
PayPal said TIO systems would not be restored until it could be confident about their security and could not give a firm deadline.
More than 370,000 Duke Energy customers may have had their information compromised.
PayPal is directing TIO users to visit the TIO Networks website for more details. Meanwhile, PayPal is working with consumer credit reporting agency Experian to offer customers free credit monitoring memberships as well. TIO said at the moment, it "cannot provide a timeline for restoring bill payment services, and continues to recommend that you contact your biller to identify alternative ways to pay your bills".