Checkout.com Attacked: An Insight into the Data Breach by ShinyHunters
Introduction to the Incident
In a recent alarming incident, Checkout.com, a prominent online payment processor, became the target of a high-profile cyberattack orchestrated by the notorious extortion group, ShinyHunters. Claiming responsibility for breaching a Checkout.com server, the attackers threatened to release sensitive data unless a ransom was paid. However, the London-based company opted for a counterintuitive approach: rather than bow to extortion, they pledged to allocate the ransom amount—undisclosed to the public—to funding cybersecurity research at prominent universities.
Checkout.com’s Stance
In a firm response, Checkout.com’s Chief Technology Officer (CTO), Mariano Albera, took to the company’s blog to articulate their position. “We will not be extorted by criminals,” he stated unequivocally. The company’s refusal to meet the attackers’ demands highlights their commitment to security, trust, and transparency in a digital economy increasingly threatened by cybercriminals. “We will own our mistakes,” he continued, asserting the importance of maintaining accountability and protecting merchants, pivotal aspects of Checkout.com’s ethos.
The Breach Details
The breach involved a third-party cloud file storage system that had been inuse until 2020, primarily for internal operational documents and merchant onboarding materials. Albera revealed that less than 25% of their current merchant clients would be affected by this lapse and assured stakeholders that the core payment processing platform remained unaffected. The reassuring note was that no access had been gained to merchant funds or sensitive card numbers. However, he did acknowledge a critical misstep: the failure to decommission legacy systems properly.
“I regret that this incident has caused worry for our partners and people,” Albera admitted, highlighting the vital need for organizations to manage their data infrastructure proactively.
The Importance of Decommissioning Legacy Systems
The Checkout.com incident serves as a stark reminder of the vulnerabilities that lie in outdated systems. Cyberattacks on legacy systems that are poorly managed or not retired can lead to severe consequences. A similar instance in 2021 involved the DNA Diagnostics Center, which suffered a severe breach exposing sensitive health and financial information. The breach was traced back to an inherited database, left connected to the web, which harbored outdated records from a prior acquisition.
As Laura Parri Royo and Audren Butery from The TJC Group have articulated, legacy systems are often neglected in IT management. They pointed out that “this tendency is unsurprising,” as decommissioning older systems doesn’t have the allure of more cutting-edge projects but is crucial in today’s ever-evolving cyber landscape. With cybercrime escalating at an alarming rate, failure to decommission legacy systems can be one of the most costly oversights a tech executive can make.
Moving Forward: Collaborations and Proactive Measures
In response to the incident, Checkout.com is currently in the process of identifying and reaching out to affected clients while collaborating with law enforcement and regulatory bodies. Their proactive stance underscores a commitment to transparency and urgency in rectifying the situation. The funds that ShinyHunters demanded as ransom are now earmarked for fostering cybersecurity research at Carnegie Mellon University and the University of Oxford Cyber Security Center.
This initiative not only reflects the company’s refusal to capitulate to extortion but also contributes to the wider fight against cybercrime, moving from a defensive to a proactive position in cybersecurity.
Conclusion
The entire episode surrounding Checkout.com’s attack by ShinyHunters highlights the multifaceted challenges organizations face in the realm of cybersecurity. The emphasis on the importance of managing legacy systems, combined with a bold response to extortion, establishes a narrative that seeks to foster resilience in a landscape rife with digital threats. As we navigate this continuously evolving landscape, companies like Checkout.com serve as important case studies in the ongoing battle against cybercrime.
