CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches

Checkout.com Discloses Data Breach After Extortion Attempt

The information was stolen from a legacy cloud file storage system, not from its payment processing platform. The post Checkout.com Discloses Data Breach After Extortion Attempt appeared first on SecurityWeek.

Global payment service provider Checkout.com has disclosed a data breach after a known hacking group attempted to extort it.

The incident, Checkout says, involved a legacy, third-party cloud file storage system that had not been used since 2020, and did not affect its payment processing platform.

“The system was used for internal operational documents and merchant onboarding materials at that time,” the company says.

“The episode occurred when threat actors gained access to this third-party legacy system which was not decommissioned properly. This was our mistake, and we take full responsibility,” Checkout notes.

According to the platform, the attackers did not access merchant funds or card numbers.

Checkout has launched an investigation into the attack to determine its scope and identify the affected entities. It has reported the attack to law enforcement and the relevant regulators.

The attack, the company says, was claimed by the notorious ShinyHunters extortion group, which emerged in 2020 and joined forces with Scattered Spider earlier this year. In September, Scattered Spider and ShinyHunters jointly announced their retirement.

In October, a new group called Scattered LAPSUS$ Hunters – likely an offshoot of Lapsus$, Scattered Spider, and ShinyHunters – emerged and claimed responsibility for a Salesforce campaign that impacted dozens of organizations.

The group leaked millions of records allegedly stolen from compromised Salesforce instances and also attempted to extort Salesforce, but the company said the hackers’ claims were related to past or unsubstantiated incidents.

Their attempt to extort Checkout failed too. “We will not be extorted by criminals. We will not pay this ransom,” the company said.

“Instead, we are turning this attack into an investment in security for our entire industry. We will be donating the ransom amount to Carnegie Mellon University and the University of Oxford Cyber Security Center to support their research in the fight against cybercrime,” Checkout added.

Related: In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea

Related: CISA Confirms Exploitation of Latest Oracle EBS Vulnerability

Related: Scattered Spider Suspect Arrested in US

Related: Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks

Latest News

CYBERNEWSMEDIAPublisher