- BridgePay was hit by a ransomware attack, forcing payment gateway services offline across the US.
- The company says no payment card data has been compromised; Investigation ongoing with forensic teams, including the US Secret Service.
- The outage disrupted merchants across the country, affecting APIs and virtual terminals and forcing many to accept cash only.
BridgePay, a major US payment gateway, suffered a ransomware attack late last week that took its services offline and caused service issues across the country.
On a page dedicated to incident response, BridgePay said Friday that the outage it was experiencing, which forced its systems to temporarily go offline, was the result of a ransomware attack.
To contain and mitigate the threat, the company hired specialized forensics and recovery teams, including the US Secret Service forensics team.
The identity of the attacker is unknown
“Initial forensic findings indicate that no payment card data has been compromised and that all files that may have been accessed were encrypted,” the notice reads. “At this time, there is no evidence of usable data exposure.”
The most recent update, posted Sunday afternoon, said the investigation, as well as remediation efforts, were still ongoing.
So far, we don’t know who the threat actors are or how they got in. Typically, cybercriminals exploit a vulnerability in network-connected devices or obtain login credentials through social engineering and phishing.
Additionally, criminals would exfiltrate sensitive data from compromised systems, as leverage during the negotiation process. Typically, they would demand payment in Bitcoin in exchange for deleting the data. For victims who don’t comply, their data ends up on the dark web.
The effects of the attack are being felt across industries. BleepingComputer reports that many American merchants and organizations were forced to only accept cash. Multiple services were affected, including the BridgePay Gateway (BridgeComm) API, PayGuardian Cloud API, MyBridgePay virtual terminal and reporting, and many others.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
