LONDON — A major cyberattack disrupted payment processing systems used by several large financial institutions on Monday, forcing some banks and merchants in multiple countries to temporarily suspend electronic transactions while cybersecurity specialists worked to restore services, according to company statements and officials familiar with the response.
Several affected institutions reported intermittent outages in card payments, online banking transfers and merchant payment gateways. The full scope of the disruption remained unclear, and authorities in multiple jurisdictions said investigations were ongoing. No government agency had publicly attributed responsibility for the attack as of Monday afternoon.
BridgePay Network Solutions, a payment gateway provider whose services are used by merchants and financial organizations, said it had taken systems offline following what it described as a ransomware-related incident. The company said federal law enforcement agencies and external forensic teams had been engaged to assist with the investigation and recovery efforts.
“Restoration efforts remain ongoing, and we are working with specialized cybersecurity experts to safely return services to operation,” the company said in a statement. It added that initial forensic reviews had not found evidence that payment card information had been compromised, though the investigation was continuing.
Banks and payment providers affected by the disruption activated contingency procedures, including alternative transaction channels and manual processing methods where available. Some merchants reported being unable to process card payments and temporarily shifted to cash-only operations, according to company notices and industry reports.
The incident follows a series of cyber-related disruptions targeting financial infrastructure over the past year. Financial regulators and security agencies in several countries have repeatedly warned that payment networks and banking systems remain attractive targets for ransomware groups and other cybercriminals because of their central role in economic activity.
Cybersecurity experts said determining the origin, method and ultimate impact of such attacks can take weeks or months. Officials cautioned against drawing conclusions before forensic examinations are completed. Details regarding the attackers, the initial point of entry and the total number of institutions affected remain unclear.
As of late Monday, affected companies said recovery operations were continuing and some services had begun returning to normal operation. Authorities said monitoring efforts would remain in place while investigators assessed whether any customer or institutional data had been accessed during the disruption.
