What happened
Payments platform BridgePay confirmed that a ransomware attack was responsible for a significant service outage affecting its systems. According to the company’s notice, its processing infrastructure experienced disruptions after threat actors successfully deployed ransomware that encrypted internal systems and prevented normal operations. BridgePay said it detected the malicious activity and took systems offline to prevent further damage. The attack led to outages in payment processing services relied on by merchants and partners, with the company working to restore functionality while investigating the scope of the incident. BridgePay also engaged external cybersecurity professionals to assist in incident response and remediation efforts, and it notified affected merchants about the outage and the nature of the ransomware attack.
Who is affected
Merchants and partners that depend on BridgePay’s payment processing services are directly affected: the ransomware incident interrupted their transaction capabilities and service availability.
Why CISOs should care
Ransomware attacks against payment infrastructure highlight the ongoing operational and financial risk to critical service providers, because disruptions can cascade to customer systems and affect transaction flows across connected ecosystems.
3 practical actions
- Assess system backups and restoration plans. Ensure payment processing and critical infrastructure can be restored from isolated backups.
- Monitor for lateral movement indicators. Review logs for signs of ransomware propagation across internal networks.
- Review vendor incident responses. Engage with service providers to understand their mitigation strategies and timelines.
