BridgePay Payment Gateway Ransomware Attack Causes Outages

BridgePay Network Solutions, a major U.S. payment gateway provider, has confirmed it fell victim to a ransomware attack. The incident triggered a widespread outage, disrupting card processing for merchants nationwide.

The outage began early on February 6, 2026, around 3:29 a.m. EST with degraded performance in systems like the Gateway.Itstgate.com virtual terminal, reporting, and API. By 5:48 a.m. EST, BridgePay posted its first status update, noting systems were down with an unknown resolution time.

An hour later, at 6:34 a.m., the company identified a cybersecurity incident and began investigating with internal teams, external specialists, and the FBI, without an estimated restoration timeframe.

At noon EST, BridgePay reported that systems remained unavailable, emphasizing collaboration with the U.S. Secret Service forensic team and cybersecurity professionals to conduct assessments and clearances.

By 7:08 p.m. EST, about 12 hours ago, as of February 7, the firm confirmed ransomware as the cause. Initial forensics showed no payment card data was compromised, with the accessed files encrypted and no evidence of any usable data exposure.

The attack crippled core services, including the BridgePay Gateway API (BridgeComm), PayGuardian Cloud API, MyBridgePay virtual terminal and reporting, hosted payment pages, and PathwayLink gateway and boarding portals.

Merchants quickly resorted to cash-only operations; one restaurant cited a nationwide cybersecurity breach in its card processor. Florida’s City of Palm Bay announced its online billing portal was down due to BridgePay, urging in-person cash, card, or check payments.

Other impacts hit Lightspeed Commerce, ThriftTrac, and the City of Frisco, Texas. BridgePay stated no immediate threat to integrators but prioritized secure restoration.

BridgePay engaged federal authorities like the FBI and Secret Service, plus forensic, recovery, and leading cybersecurity teams. The firm acknowledged a potentially lengthy recovery, focusing on customer protection without naming the ransomware group.

As of the latest update, operations restoration proceeds urgently but responsibly, with more details promised.

This incident underscores the rising threat of ransomware to payment infrastructure, where disruptions can halt real-world commerce. Unlike some attacks with data exfiltration, BridgePay reports encryption-only access so far. No full recovery ETA exists, heightening uncertainty for reliant businesses.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.