According to a release by the company, customers who have paid their bills at one of the state's 550 walk-in payment processing centers between 2008 and 2017 may be affected by a potential compromise of personally identifiable information, according to PayPal Holdings, who recently acquired TIO Networks.
Worryingly, this included locations that not only accessed but also stored personal information of some of TIO's customers, as well as customers of TIO billers. PayPal said it was looking into the vulnerabilities at TIO and discovered that users' information may have been compromised.
PayPal bought TIO Networks for $238 million in February.
TIO networks that runs a network of over 60,000 utility and bills payment kiosks across North America was acquired by Paypal earlier this year for $233 million.
Global Express is the authorized payment processing network Duke Energy use at its walk-in locations.
Meanwhile PayPal assured: "The PayPal platform is not impacted in any way, as the TIO systems are completely separate from the PayPal network, and PayPal's customers' data remains secure".
The payments giant said in a statement that TIO's operations had been suspended since November 10, while it investigated "security vulnerabilities" in the firm's platform.
PayPal said, as a result, it is taking steps to protect affected customers while TIO coordinates with the companies it services to notify potentially affected individuals. "We sincerely apologise for any inconvenience caused to you by the disruption of TIO's service".