New Duke Energy logo. (PRNewsFoto/Duke Energy)

About 370,000 Duke Energy customers in North and South Carolina, may have had addresses, banking data and other personal information exposed in a potential data breach stretching back to 2008, a company spokesman said Tuesday.

The Charlotte-based utility learned of the potential breach on November 10. The breach affected which affected TIO Networks, a vendor that processes in-person payments from Duke customers that was acquired in July by PayPal.

PayPal has said the potential compromise involves personally identifiable information for roughly 1.6 million customers. Of that figure, approximately 374,000 are Duke customers who pay their utility bills at locations like convenience stores that accept the payments. The customers potentially affected are in Duke Energy Carolinas’ service territory, which mostly covers the western Carolinas.

What Information was Compromised in the Duke Energy Data Breach?

The compromised information included things found in bill payment, including name, address, their Duke Energy account number, and perhaps some banking information as well. It may have also included Duke account balances.

Who Was Affected?

Duke said customers who might be affected are those who paid bills by check or cash at one of the company’s 550 walk-in payment centers between 2008 and 2017.


The Hannon Law Firm can help if your personal, confidential information has been breached by hackers. The Hannon Law Firm is currently serving as liaison counsel in the National Chipotle Data Breach class action. HLF filed the only class action against Equifax in the State of Colorado for the breach of 143 million American’s personal information. We proudly serve clients nationally.

If you believe you’ve been affected by the Duke Energy data breach, we are here to help. You can call our office at 303-861-8800 or fill out the form below.