Krebs on Security
Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.
On December 8, the cybercriminal gang responsible for deploying the Conti ransomware strain (also known as “Ryuk“) published more than 10 gigabytes of data that it claimed to have removed from TSYS’s networks.
Conti is one of several cybercriminal groups that maintains a blog which publishes data stolen from victims in a bid to force the negotiation of ransom payments. The gang claims the data published so far represents just 15 percent of the information it offloaded from TSYS before detonating its ransomware inside the company.
In a written response to requests for comment, TSYS said the attack did not affect systems that handle payment card processing.
“We experienced a ransomware attack involving systems that support certain corporate back office functions of a legacy TSYS merchant business,” TSYS said. “We immediately contained the suspicious activity and the business is operating normally.”
Looking for information about how COVID-19 has impacted the payments industry?
The Strawhecker Group (TSG) and Visa Consulting & Analytics (VCA) teamed up to survey a representative sample of U.S. consumers, and analyzed Visa’s proprietary spend data, with the goal of understanding how the COVID-19 pandemic has impacted consumer lifestyles, payments trends, and how behaviors may change after the pandemic.