BridgePay Outage Caused by Ransomware Attack
▼ Summary
– A ransomware attack caused a nationwide outage of BridgePay Network Solutions’ payment processing systems, forcing many merchants to accept only cash.
– BridgePay confirmed the ransomware incident, engaged federal law enforcement and forensic teams, and stated there is currently no evidence of usable payment card data being exposed.
– The outage impacted core services like the payment gateway API, virtual terminals, and hosted payment pages, causing widespread disruption for merchants and integrators.
– Multiple organizations, including municipal governments in Florida and Texas, reported service disruptions and had to direct customers to alternative payment methods.
– This attack is part of a growing trend of ransomware targeting payment infrastructure, where such outages can severely disrupt real-world commerce.
A significant nationwide disruption to payment processing services has been traced back to a confirmed ransomware attack. BridgePay Network Solutions, a major U.S. payment gateway provider, reported that the cyberattack forced key systems offline, creating a cascade of issues for merchants and organizations that depend on its platform. The company has engaged federal law enforcement and external forensic experts to manage the incident and recovery efforts.
The problems started early on Friday, with initial monitoring detecting performance issues that rapidly escalated into a full system outage. BridgePay confirmed the ransomware attack later that same day. In a public statement, the company noted that preliminary forensic findings indicate no payment card data was compromised, stating that any accessed files were encrypted and there is no current evidence of usable data exposure. The specific ransomware group responsible has not been named publicly.
The real-world impact was immediate and severe. Across the country, businesses began informing customers they could only accept cash payments due to the card-processing failure. One restaurant publicly stated its credit card processor had suffered a cybersecurity breach, rendering card payments unusable. Municipal governments were also affected; the City of Palm Bay in Florida announced its online utility payment portal was down because of the disruption at its third-party vendor, BridgePay, and advised residents to pay in person with cash, check, or card.
The outage impacted a wide array of BridgePay’s core services, suggesting extensive disruption for its clients. Affected systems included the BridgePay Gateway API, the PayGuardian Cloud API, the MyBridgePay virtual terminal and reporting dashboard, hosted payment pages, and several gateway and boarding portals. Other organizations, including Lightspeed Commerce and the City of Frisco, Texas, reported service issues stemming from the incident.
BridgePay’s status page documented the progression from initial degraded performance to a complete outage. The company has warned that recovery may be a lengthy process, emphasizing it is being handled securely while the investigation continues. This event underscores the vulnerability of critical payment infrastructure, where a single point of failure can trigger widespread operational chaos for businesses and public services alike. Ransomware attacks on financial and transactional systems create immediate, tangible disruptions to everyday commerce when essential payment pipelines are shut down.
(Source: Bleeping Computer)
