In the past hours, another prominent name in global finance has fallen victim to a cyber attack on its IT infrastructure. This time, the Canadian company Moneris, a technology and financial firm specializing in digital payment processing and serving as a partner for leading card brands in Canada such as AlphaPay, American Express, Apple Pay, Balpex, Canadian Retail Solutions, Diners Club International, Discover Global Network, Google Pay, Interac, JCB, Mastercard, Oracle, Tulip, Union Pay, Visa, Wix, among others, has suffered the consequences.
Moneris provides hardware and software technologies and is considered the largest Canadian provider of solutions for mobile, online, and in-store payments. It processes over 33% of digital transactions in Canada (over 3 billion annually) for businesses of all sizes and industries. Founded in 2000 as a joint venture between the Royal Bank of Canada and the Bank of Montreal, its main headquarters are in Toronto, with additional offices in Burnaby, Calgary, Montreal, New Brunswick, and Sackville.
Through its blog, the Medusa Team has released a small portion of administrative documents and emails that appear to have been exfiltrated from the Canadian company’s servers, setting the ransom price at $6 million. This amount is notably high when compared to the figures demanded in recent months from other victims listed on their blog. The ransom is to be paid by November 22nd.
On November 13th, Moneris issued a statement on its website refuting any ransom demand. The company confirmed that the cybercriminal group did not gain access to critical data, thanks to the intervention of its cybersecurity team, preventing the exfiltration of customer documents. The news of data theft and ransom demand by the ransomware group has been labeled by the Canadian company as “False Reports of Ransomware Impacting Moneris.”
We contacted Moneris via email seeking a statement on the case, but as of now, we have not received any response.
SuspectFile will update the article in case of any new developments.
Let’s update the article with the response that we received via email from the Communications Director of Moneris on November 14th
Our statement from yesterday has not changed.