A major U.S. payment gateway and solutions provider reports that a ransomware attack knocked key systems offline, triggering a widespread outage that affected multiple services.
The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay’s platform.
Shortly afterward, BridgePay Network Solutions confirmed late Friday that ransomware caused the incident disrupting its payment gateway.
Company Engages Law Enforcement and Forensic Teams
In an update posted Feb. 6, the company said it engaged federal law enforcement, including the FBI and U.S. Secret Service, along with external forensic and recovery teams.
“Initial forensic findings indicate that no payment card data has been compromised,” the company said, adding that any accessed files were encrypted and that there is currently “no evidence of usable data exposure.”
Meanwhile, BleepingComputer contacted BridgePay with questions about the ransomware group involved, which BridgePay has not yet named.
Around the same time BridgePay disclosed the incident, some U.S. merchants and organizations began telling customers they could only accept cash due to a nationwide card-processing outage.
One restaurant said its “credit card processing company had a cyber security breach” and that card payments were unavailable nationwide.
Restaurant says it can only take cash during a point-of-sale outage
Local Governments Issue Public Advisories
“BridgePay Network Solutions, our third-party credit card processing vendor, is experiencing a nationwide service disruption. As a result, the City’s online billing payment portal is currently unavailable. We do not have an estimated restoration time.” – City of Palm Bay, Florida government announced.
As such, the city government suggests that customers may make utility payments by cash, card, or check by appearing in person or, in limited cases, by calling the office.
Additionally, other organizations, including Lightspeed Commerce, ThriftTrac, and City of Frisco, Texas reported service impacts from the BridgePay incident.
Core Systems Go Offline as Outage Escalates
BridgePay’s status page showed major outages across core production systems, including:
- BridgePay Gateway API (BridgeComm)
- PayGuardian Cloud API
- MyBridgePay virtual terminal and reporting
- Hosted payment pages
- PathwayLink gateway and boarding portals
Early warning signs appeared around 3:29 a.m., when monitoring detected degraded performance across multiple services, beginning with the “Gateway.Itstgate.com – virtual terminal, reporting, API” systems.
Soon after, the intermittent service degradation cascaded into a full system outage.
Within hours, the company disclosed that the incident involved cybersecurity issues and later confirmed ransomware as the cause.
Ongoing Recovery and Broader Industry Impact
The breadth of affected systems suggests widespread disruption for merchants and payment integrators that rely on the platform for card processing.
As of the latest update, BridgePay said recovery could take time and is being handled “in a secure and responsible manner,” while the company continues its forensic investigation.
Ultimately, the incident adds to a growing wave of ransomware attacks targeting payment infrastructure, where outages can quickly ripple through real-world commerce when transaction pipelines go down.
Source: BleepingComputer, Ax Sharma
Read more at Impreza News
