BridgePay Network Solutions Hit by Ransomware Attack, Disrupting Nationwide Payment Processing
BridgePay Network Solutions, a major U.S. payment gateway provider, confirmed a ransomware attack on February 6, 2026, causing a widespread outage that disrupted card processing for merchants across the country. The incident began at approximately 3:29 a.m. EST, with degraded performance in critical systems, including the Gateway.Itstgate.com virtual terminal, reporting, and API services.
By 5:48 a.m., BridgePay acknowledged the outage in its first status update, though no resolution timeline was provided. At 6:34 a.m., the company identified a cybersecurity incident and launched an investigation with internal teams, external specialists, and the FBI. By noon, the U.S. Secret Service’s forensic team joined the effort, though systems remained offline.
At 7:08 p.m. EST nearly 16 hours after the initial disruption BridgePay confirmed ransomware as the cause. Initial forensic analysis indicated no payment card data was compromised, with encrypted files showing no evidence of usable data exposure. However, the attack crippled core services, including the BridgePay Gateway API (BridgeComm), PayGuardian Cloud API, MyBridgePay virtual terminal, hosted payment pages, and PathwayLink gateway portals.
The outage forced merchants to switch to cash-only transactions, with businesses like a Florida restaurant citing a "nationwide cybersecurity breach" in their card processor. The City of Palm Bay, Florida, reported its online billing portal was affected, directing residents to pay in person with cash, cards, or checks. Other impacted entities included Lightspeed Commerce, ThriftTrac, and the City of Frisco, Texas. While BridgePay assured integrators there was no immediate threat, recovery efforts were prioritized to restore services securely.
Federal authorities, including the FBI and Secret Service, were engaged alongside cybersecurity and forensic teams. BridgePay acknowledged a potentially lengthy recovery process, emphasizing customer protection without disclosing the ransomware group responsible. As of the latest update, restoration efforts continue urgently, though no estimated time for full recovery has been provided.
The incident highlights the growing risk of ransomware targeting payment infrastructure, where disruptions can paralyze real-world commerce. Unlike attacks involving data exfiltration, BridgePay reported only encrypted access so far, though uncertainty persists for affected businesses.
Source: https://cybersecuritynews.com/bridgepay-ransomware-attack/
BridgePay Network Solutions cybersecurity rating report: https://www.rankiteo.com/company/bridgepay-network-solutions
"id": "BRI1770501194",
"linkid": "bridgepay-network-solutions",
"type": "Ransomware",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Merchants nationwide',
'industry': 'Financial Services',
'location': 'United States',
'name': 'BridgePay Network Solutions',
'type': 'Payment Gateway Provider'},
{'industry': 'Retail/Technology',
'name': 'Lightspeed Commerce',
'type': 'Business'},
{'name': 'ThriftTrac', 'type': 'Business'},
{'customers_affected': 'Residents using online billing '
'portal',
'industry': 'Public Sector',
'location': 'Florida, United States',
'name': 'City of Palm Bay, Florida',
'type': 'Government'},
{'industry': 'Public Sector',
'location': 'Texas, United States',
'name': 'City of Frisco, Texas',
'type': 'Government'}],
'customer_advisories': 'Merchants advised to switch to cash-only '
'transactions; residents directed to pay in person for '
'affected services',
'data_breach': {'data_encryption': 'Yes (files encrypted by ransomware)',
'data_exfiltration': 'No evidence of data exfiltration',
'personally_identifiable_information': 'No evidence of PII '
'exposure',
'type_of_data_compromised': 'None (encrypted files showed no '
'evidence of usable data '
'exposure)'},
'date_detected': '2026-02-06T03:29:00-05:00',
'date_publicly_disclosed': '2026-02-06T05:48:00-05:00',
'description': 'BridgePay Network Solutions, a major U.S. payment gateway '
'provider, confirmed a ransomware attack on February 6, 2026, '
'causing a widespread outage that disrupted card processing '
'for merchants across the country. The incident began with '
'degraded performance in critical systems, including the '
'*Gateway.Itstgate.com* virtual terminal, reporting, and API '
'services. The attack crippled core services, forcing '
'merchants to switch to cash-only transactions. Federal '
'authorities, including the FBI and Secret Service, were '
'engaged alongside cybersecurity and forensic teams. BridgePay '
'reported no payment card data was compromised, though '
'recovery efforts are ongoing.',
'impact': {'data_compromised': 'No payment card data compromised (encrypted '
'files showed no evidence of usable data '
'exposure)',
'downtime': '16+ hours (ongoing as of latest update)',
'operational_impact': 'Widespread disruption of card processing '
'for merchants nationwide; forced cash-only '
'transactions for businesses',
'payment_information_risk': 'No immediate evidence of payment card '
'data exposure',
'systems_affected': ['Gateway.Itstgate.com virtual terminal',
'BridgePay Gateway API (BridgeComm)',
'PayGuardian Cloud API',
'MyBridgePay virtual terminal',
'Hosted payment pages',
'PathwayLink gateway portals',
'Reporting and API services']},
'investigation_status': 'Ongoing',
'lessons_learned': 'Highlights the growing risk of ransomware targeting '
'payment infrastructure, where disruptions can paralyze '
'real-world commerce. Emphasizes the need for robust '
'incident response and recovery plans in financial '
'services.',
'ransomware': {'data_encryption': 'Yes',
'data_exfiltration': 'No evidence of data exfiltration'},
'references': [{'date_accessed': '2026-02-06',
'source': 'BridgePay Network Solutions Status Updates'},
{'date_accessed': '2026-02-06',
'source': 'Federal Authorities (FBI, U.S. Secret Service)'}],
'response': {'communication_strategy': 'Status updates via company channels; '
'advisories to merchants and '
'integrators',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes (FBI, U.S. Secret Service)',
'recovery_measures': 'Ongoing; no estimated time for full '
'recovery provided',
'remediation_measures': 'Forensic analysis, system restoration '
'prioritized',
'third_party_assistance': 'External cybersecurity specialists, '
'FBI, U.S. Secret Service forensic '
'team'},
'stakeholder_advisories': 'Advisories to merchants and integrators; no '
'immediate threat confirmed',
'title': 'BridgePay Network Solutions Hit by Ransomware Attack, Disrupting '
'Nationwide Payment Processing',
'type': 'Ransomware'}