Light bulb Limited Spots Available: Secure Your Lifetime Subscription on Gumroad!

Feb 09, 2026 · 5 min read

Ransomware Attack Takes Down Major Payment Processor—Merchants Forced to Go Cash Only

BridgePay confirms a ransomware attack has knocked key payment processing systems offline, causing nationwide disruptions for merchants and municipalities.

The Attack Timeline

BridgePay Network Solutions, a major payment gateway provider, confirmed on February 7 that a ransomware attack was responsible for a service disruption that had begun the previous day. Early warning signs appeared around 3:29 a.m. EST on February 6 when monitoring systems detected degraded performance in the company's virtual terminal and reporting tools.

By 7:08 p.m. that evening, approximately 12 hours after the first signs of trouble, BridgePay confirmed that ransomware was the cause. The company immediately engaged federal law enforcement, including the FBI and U.S. Secret Service, along with external forensic and recovery teams.

Systems Taken Offline

The attack crippled multiple critical payment processing systems that merchants rely on for daily transactions:

  • BridgePay Gateway API (BridgeComm): The core system for processing card transactions
  • PayGuardian Cloud API: Cloud based payment processing services
  • MyBridgePay: Virtual terminal and reporting tools for merchants
  • Hosted payment pages: Web based checkout systems
  • PathwayLink: Gateway and merchant boarding portals

With these systems down, merchants using BridgePay as their payment processor lost the ability to accept credit and debit card transactions entirely.

Payment terminal showing offline status in a retail environment

Merchants and Cities Affected

The outage cascaded across the payment ecosystem, forcing businesses nationwide to switch to cash only operations. Merchants of all sizes found their point of sale systems unable to process electronic payments, leaving customers scrambling for cash or unable to complete purchases.

The impact extended to government services. The City of Palm Bay, Florida announced that its online billing portal was down due to the BridgePay disruption, urging residents to make payments in person using cash, card, or check. The City of Frisco, Texas and retail platform Lightspeed Commerce were among other organizations reporting impacts.

For many small businesses operating on thin margins, even a single day without card processing capability can mean significant revenue loss. Restaurants, retail stores, and service providers who depend on electronic payments were left with few options.

Payment Card Data Reportedly Safe

BridgePay provided some reassurance regarding customer data security. The company stated that initial forensic findings indicate no payment card data has been compromised. Any files that may have been accessed were encrypted, and there is currently no evidence of usable data exposure.

However, the company cautioned that the investigation is ongoing. Ransomware attacks often involve data exfiltration before encryption, and the full scope of what attackers may have accessed typically takes weeks or months to determine.

Recovery and Response

BridgePay indicated that recovery would proceed in a secure and responsible manner while investigations continued. The company did not provide a specific timeline for when all services would be restored, suggesting the process could take considerable time.

The involvement of the FBI and Secret Service underscores the seriousness of the incident. Federal agencies typically become involved in ransomware cases that affect critical infrastructure or have the potential for widespread economic impact.

BridgePay has not named the ransomware group responsible for the attack or disclosed whether a ransom demand was made. The company also has not indicated whether it is negotiating with the attackers or plans to pay any ransom.

The Broader Payment Security Picture

The BridgePay attack highlights the cascading risks when critical financial infrastructure is compromised. Payment processors sit at the center of the economic ecosystem, connecting merchants with banks and card networks. When that link breaks, the impact ripples outward to affect thousands of businesses and millions of consumers.

Ransomware gangs have increasingly targeted organizations whose downtime creates maximum pressure to pay. Healthcare providers, logistics companies, and now payment processors face the reality that every hour of disruption costs money and erodes customer trust.

For businesses that rely on payment processors, the BridgePay incident is a reminder to consider backup payment options and business continuity plans. Having a secondary processor configured, even if rarely used, can mean the difference between staying open and going dark when primary systems fail.