KnowBe4 Prevents Customer From Becoming Social Engineering Victim Of Duke Energy Vendor’s Hack


A customer just sent us this:

"Stu, the company who processes payments for Duke Energy’s walk in payments was hacked and as a result about 375,000 bank accounts may have been stolen.

"We here at my office just received a phone call from someone pretending to be from Duke Energy (they even spoofed Duke Energy’s phone number), wanting us to go to Kroger and get some prepaid visa cards to pay them or they would shut our power off, they then called back and said they were going to install new meters and said that info should be on our bill, wanting us to look at our bills phishing for more info, and we were to pay them over the phone with prepaid visa cards.

"Thought I would let you know that my users spotted this scam and called me, thanks to the KnowBe4 training, this didn’t go any further. Thanks, C.C."

The bad guys who got their hands on customer data are now using social engineering tricks to try to get affected customers to pay them directly. Here is the story from the Tampa Bay Times: "CHARLOTTE, N.C. — Nearly 375,000 Duke Energy Corp. customers may have had personal and banking information stolen in a data breach.

The country’s largest electric company said Tuesday the customers paid a bill by check or cash at 550 walk-in payment processing centers in the Carolinas, Florida, Indiana, Ohio and Kentucky since 2008.

Those payments were processed by TIO Networks, which was hacked in an attack disclosed after the company was purchased in July by PayPal Holdings Inc. Duke Energy customers make up nearly a quarter of the 1.6 million TIO Network customers potentially compromised.

The personally identifiable information that may have been stolen from Duke Energy customers includes names, addresses, electricity account numbers and banking information if a customer paid power bills by check.

TIO Networks is sending letters to notify those affected."

Let's stay safe out there.

Warm regards,

Stu Sjouwerman,

Founder and CEO, KnowBe4, Inc


