A ransomware attack on the U.S. payments platform provider BridgePay has caused widespread disruption, impacting various entities such as restaurants and municipal organizations, which are now unable to accept card payments.

BridgePay acknowledged the attack last Friday, informing that federal law enforcement and external forensic and recovery teams have been involved. A status update on their website indicated the ongoing nature of the outage.

The attack has disabled several key systems; however, BridgePay assured there is no evidence of payment card data compromise, highlighting that any accessed or stolen data during the incident was encrypted.

Cash Payments Only in the Immediate Future

Merchants who depend on BridgePay’s platform have been forced to accept only cash payments due to the card processing outage. Jimmy’s Roadhouse Bar & Grill in Michigan had to announce it would accept only cash on Super Bowl Sunday.

Municipal customers faced a more complicated situation, with the government of Palm Bay, Florida, reporting that their online billing payment portal was unavailable and no resolution timeframe was provided. Residents were instructed to make utility payments in person using cash, cards, or checks.

Ransomware’s Spread Through Centralized Infrastructure

Ransomware attackers have increasingly targeted central points of digital infrastructure where a single provider can affect businesses nationwide or globally. A ransomware attack on Salesforce last year led to the theft of over 1 billion customer records, impacting more than 40 companies from AirFrance to Walgreens.

An earlier extortion campaign against Oracle’s E-Business Suite also provided access to payroll, finance, and HR databases at numerous organizations, affecting nearly 30 major businesses including Mazda and Estee Lauder. These incidents highlight the risks of centralized service providers and emphasize the importance of cyber resilience—organizations’ ability to withstand, adapt to, and recover from cyberattacks.

Tracy Goldberg, Director of Cybersecurity at Javelin Strategy & Research, stressed that retailers and independent payments providers are increasingly vulnerable because their cybersecurity strategies have not evolved to address emerging risks. They need a proactive cyber resilience mindset, investing more in threat detection and prediction supported by cyberthreat and dark web intelligence.