Data Security, Threat Intelligence

ShinyHunters-hit Checkout.com rejects ransom payment

Plain code with the word "cyberattack" in red.

UK-based payment services provider Checkout.com has denied paying the ransom sought by the ShinyHunters extortion group following the compromise of its legacy third-party cloud file storage system, opting to provide the demanded amount to Carnegie Mellon University and the University of Oxford Cyber Security Center for cybercrime research instead, The Register reports.

"Security, transparency and trust are the foundation of our industry. We will own our mistakes, protect our merchants, and invest in the fight against the criminal actors who threaten our digital economy," wrote Checkout.com Chief Technology Officer Mariano Albera in a blog post. Albera noted that the infiltrated database only contained internal operational files and merchant onboarding materials from 2020 and earlier, affecting less than a quarter of its merchant base.

Such a development comes after 85 extortion groups were reported by Check Point Research to be active during the previous quarter, which is the highest on record. Victims have also increased by 25% over the same period last year, according to the report.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds