Fast Facts
- Checkout.com disclosed a data breach involving a legacy third-party cloud storage system used for internal documents, not affecting payment processing or merchant funds.
- The breach was carried out by attackers from the ShinyHunters group, who gained access because the outdated system had not been properly decommissioned.
- The company reported the incident to law enforcement, assured no merchant funds or card data were accessed, and declined to pay the ransom.
- Instead, Checkout is donating the ransom amount to cybersecurity research initiatives at Carnegie Mellon University and Oxford University, viewing the attack as a call to improve industry-wide security.
The Core Issue
Checkout.com, a global payment service provider, recently disclosed a data breach caused by hackers linked to the infamous ShinyHunters group, which attempted to extort the company. The breach involved an outdated third-party cloud storage system that hadn’t been used since 2020, primarily containing internal operational and merchant onboarding documents. The attackers gained access through a failure to properly decommission this legacy system, a mistake for which Checkout.com admits full responsibility. Importantly, the hackers did not access sensitive merchant payment data or card information, and the company is actively investigating the incident, reporting it to law enforcement and regulators. The extortion attempt was unsuccessful, and Checkout.com has publicly refused to pay the ransom, opting instead to donate the ransom amount to cybersecurity research centers at Carnegie Mellon University and Oxford University, turning a criminal attack into an investment in industry security.
Critical Concerns
The recent disclosure of a data breach at Checkout.com following an extortion attempt underscores a significant threat that any business faces: cybercriminals can exploit vulnerabilities to access sensitive customer information, financial data, or proprietary systems. When such a breach occurs, the repercussions are far-reaching, including financial loss from fraud or theft, irreversible damage to brand reputation, erosion of customer trust, and potential legal liabilities due to non-compliance with data protection regulations. For any business, especially one handling payment processing or personal data, this threat translates into operational disruption, increased security costs, and a long-lasting impact on stakeholder confidence. Cyber extortion and data breaches are not just technical issues but critical business risks capable of threatening overall stability and growth.
Possible Actions
Timely remediation is critical in the wake of a data breach like the one experienced by Checkout.com, especially following an extortion attempt, to minimize damage, protect sensitive customer information, and restore trust. Rapid response not only contains the incident but also prevents further exploitation of vulnerabilities, ensuring organizational resilience and compliance with cybersecurity standards.
Incident Response
- Activate the incident response team immediately.
- Document all breach-related details thoroughly.
Communication
- Notify stakeholders, customers, and regulators promptly.
- Provide clear, transparent information about the breach and remediation efforts.
Containment
- Isolate affected systems to prevent further spread.
- Disable compromised accounts or services.
Eradication
- Remove malicious tools or unauthorized access points.
- Patch exploited vulnerabilities.
Recovery
- Restore systems from secure backups.
- Monitor systems closely for signs of ongoing activity.
Analysis & Improvement
- Conduct a root cause analysis.
- Review and enhance existing security measures and policies.
Legal & Compliance
- Engage legal counsel for regulatory reporting.
- Document breach and response actions for compliance and future reference.
