Payments platform BridgePay confirms ransomware attack behind outage
Source: Bleeping Computer
Ransomware confirmed within hours of outage
BridgePay Network Solutions confirmed late Friday that the incident disrupting its payment gateway was caused by ransomware.
In an update posted Feb. 6, the company said it has engaged federal law enforcement, including the FBI and U.S. Secret Service, along with external forensic and recovery teams.
“Initial forensic findings indicate that no payment card data has been compromised,” the company said, adding that any accessed files were encrypted and that there is currently “no evidence of usable data exposure.”
BleepingComputer has contacted BridgePay with questions about the ransomware group involved, which BridgePay has not yet named.
Merchants report cash‑only payments
Around the same time BridgePay disclosed the incident, some U.S. merchants and organizations began telling customers they could only accept cash due to a nationwide card‑processing outage.
One restaurant reported that its “credit card processing company had a cyber security breach” and that card payments were unavailable nationwide.
Restaurant says it can only take cash during a point‑of‑sale outage
City of Palm Bay, Florida government announced:
“BridgePay Network Solutions, our third‑party credit card processing vendor, is experiencing a nationwide service disruption. As a result, the City’s online billing payment portal is currently unavailable. We do not have an estimated restoration time.”
The city suggests that customers may make utility payments by cash, card, or check in person, or by calling the office in limited cases.
Other organizations, including Lightspeed Commerce, ThriftTrac, and the City of Frisco, Texas, have reported service impacts from the BridgePay incident.
Payment gateway services hit hard
BridgePay’s status page showed major outages across core production systems, including:
- BridgePay Gateway API (BridgeComm)
- PayGuardian Cloud API
- MyBridgePay virtual terminal and reporting
- Hosted payment pages
- PathwayLink gateway and boarding portals
Early warning signs appeared around 3:29 a.m., when monitoring detected degraded performance across multiple services, beginning with the “Gateway.Itstgate.com – virtual terminal, reporting, API” systems. The intermittent degradation eventually cascaded into a full system outage.
Within hours, the company disclosed the incident was cybersecurity‑related and later confirmed it was ransomware. The breadth of affected systems suggests widespread disruption for merchants and payment integrators relying on the platform for card processing.
As of the latest update, BridgePay said recovery could take time and is being handled “in a secure and responsible manner,” while the company continues its forensic investigation.
The incident adds to a growing wave of ransomware attacks targeting payment infrastructure, where outages can quickly ripple through real‑world commerce when transaction pipelines go down.