Back in November, PayPal started investigating its newly-acquired subsidiary TIO Networks' servers for security vulnerabilities and chose to suspend the latter's operations after TIO's servers were found wanting in terms of information security standards practiced by PayPal itself.
Only TIO users have been impacted, this data breach has not affected users of any other PayPal service or PayPal itself.
TIO Networks makes digital bill payment tools for utilities and operated a network of kiosks in retail stores, according to the AG's Office; numerous consumers who use TIO's payment methods are lower-income consumers.More news: Colin Kaepernick up for TIME person of the year
A PayPal spokesman told us that the data that may have been impacted included names, addresses, bank account details, Social Security numbers and login information.
"PayPal did the right thing in alerting our office of the breach, and now is working with us to protect Pennsylvania consumers", Shapiro said in a statement.
However, for United States companies with no customers who are European Union citizens, there could still be serious penalties on the horizon for tardy breach disclosure. This payment process will remain in place until a permanent solution is found for Duke Energy walk-in locations, officials said.
It calls to mind Verizon's revelations in October, shortly after it acquired Yahoo, that a 2013 breach of the company had actually compromised not one but three billion user accounts.
The specific kinds of information and data which were compromised.