PayPal has acknowledged that TIO, the Canadian payments processing company that it acquired in July 2017 has suffered a data breach that compromised the information of up to 1.6 million users. TIO processes utility and other bill payments and has over 60,000 kiosks in North America.

PayPal suspended TIO’s operations in November as it “did not adhere to PayPal’s information security standards.” PayPal has confirmed that the breach did not affect its network and that TIO’s system is separate from PayPal’s. According to PayPal, TIO is in the process of notifying affected individuals and is offering free credit monitoring for those individuals.