Nearly 375,000 Duke Energy Corp. customers may have had personal and banking information stolen in a data breach.
The country's largest electric company said Tuesday the customers paid a bill by check or cash at 550 walk-in payment processing centers in the Carolinas, Florida, Indiana, Ohio and Kentucky since 2008.
A Duke Energy official said a vast majority of the customers affected are in the Carolinas. Only about nine customers in Indiana had their accounted breached.
The payments were processed by TIO Networks, which was hacked in an attack disclosed after the company was purchased in July by PayPal Holdings Inc. Duke Energy customers make up nearly a quarter of the 1.6 million TIO Network customers potentially compromised.
The personally identifiable information that may have been stolen from Duke Energy customers includes names, addresses, electricity account numbers and banking information if a customer paid power bills by check.
TIO Networks is sending letters to notify those affected.