Breach compromises El Paso Electric's customer's information
EL PASO, Texas (CBS4) —
Paso Electric notified its customers of a data breach that could impact people’s personal information.
EPE says more than 16,000 customers are potentially affected by this attack.
According to a letter sent out, EPE customers who use its MobilePay service had their name, bank account information, address, utility account number compromised.
The utility works with a third-party vendor, TIO Networks USA, Inc. The letter states that EPE customers that use its MobilePay service may have been impacted by a breach that affects TIO Systems.
The technology company provides payment services for utility companies and is owned by PayPal.
"You lose your money and you don't know who to blame for it, or if you're going to get back your money in your account. They will drain it in a minute or two before you know it,” said El Paso Electric customer Gilberto Zuniga, who lives in West El Paso.
According to EPE, it was notified of the possible breach on Nov. 27, 2017. “Please note that this incident only affected TIO’s network and did not involve El Paso Electric’s system or other payment solutions in any way.”
The MobilePay service for EPE customers has not been available to receive payments.
"Well, everybody is starting to get hacked more recently because of the internet, and everything is more accessible, doing everything online. So it doesn't surprise me that they've been able to get hacked,” said El Paso Electric customer Andrea Silva, who lives in downtown El Paso.
The utility company advises customers to make payment via phone or online.
El Paso Electric says it's investigating the incident internally and is working with TIO to understand the nature and scope of the incident and issued the following statement:
El Paso Electric Company takes the security of our customers’ information very seriously. As we previously published on our website, epelectric.com, TIO Networks USA, Inc. notified us that it discovered unauthorized access to locations on the TIO network that stored personal information of some customers of TIO clients, including some El Paso Electric customers that use our mobile payment application, MobilePay. On December 23, 2017, TIO began mailing notices to customers they identified as potentially affected in the incident, including some El Paso Electric customers. The personal information stored in the affected locations on TIO’s network included customer name, address, utility account number, bank account number, and bank routing number. The incident did not involve El Paso Electric’s systems or other payment solutions in any way. For additional information relating to the TIO Network incident, customers can visit the TIO website, www.tio.com, or call the TIO at 1-855-272-6796.
EPE says the outage-reporting app, MyEPE, is not the MobilePay App and was not affected.
PayPal suspended TIO Networks' operations, and says an investigation is ongoing.
"In this moment, I’m not worried. I don't have problems never with hackers and the electric company and the other banks,” said El Paso Electric customer Aremmy Contreras, who lives in West El Paso.
El Paso Electric denied KFOX14’s request for an interview Wednesday, but a spokesperson said the incident did not involve El Paso Electric's systems or other payment solutions in any way.