Major American payment gateway BridgePay was recently hit by a ransomware attack that took its services offline and affected services across the United States.
BridgePay posted on a dedicated incident response page about the outage, stating that the incident had caused its systems to go temporarily offline, forcing the business to call in specialised forensic and recovery teams, including the US Secret Service forensic team, to contain and mitigate the threat.
“Initial forensic findings indicate that no payment card data has been compromised, and any files that may have been accessed were encrypted. At this time, there is no evidence of usable data exposure,” the notification read.
A recent update, posted on February 8, noted that the investigation and remediation efforts were ongoing, with the remark, “so far, we are not sure who the threat actors are, nor how they gained entry.”
Typically, cyber criminals exploit a weakness in networked devices or gain access to login credentials through social engineering and phishing. This is followed by the stage where these threat actors steal sensitive information from compromised systems and use the information as a bargaining chip in negotiations, typically demanding payment in Bitcoin for deleting the data, non-compliance with which will result in the sensitive information being put on the dark web.
The effects of the attack were felt throughout industries. As per a BleepingComputer report, many United States-based merchants and organisations were forced to accept only cash. Multiple services were affected, including BridgePay Gateway API (BridgeComm), PayGuardian Cloud API, and the MyBridgePay virtual terminal and reporting.
Restaurants, retailers, and government billing portals were hit as well, highlighting how tightly payment processors are integrated into both private business workflows and public services, something that can be turned into a pain point by cybercriminals.
In fact, BridgePay provides core payment gateway infrastructure for thousands of merchants and municipal entities, making its availability critical to everyday commercial and public-sector operations. So severe was the incident that Florida’s City of Palm Bay ended up witnessing its online billing portal getting knocked out, forcing residents to make payments in person. Other affected organisations were Lightspeed Commerce, ThriftTrac, and the City of Frisco, Texas, illustrating how an outage at a single payment provider can put multiple sectors and jurisdictions at a standstill.