I heard that payment card processing giant TSYS was hit by a ransomware attack and that the theives made off with tons of data and published some of it online. How could such a sophisticated company like TSYS, an industry leader, get tricked into this kind of situation. Also, did the company pay a ransom to get data access back?
Dav Mulroney, Merchant Level Salesperson
Dav,
Thank you for your inquiry. You are correct: TSYS is a top third-party payment processor in North America in addition to being a major processor in Europe. On Dec. 8, 2020, cybercriminal group Conti, which employs Ryuk ransomeware, published 10 gigabytes of data that it claimed to have removed from TSYS' networks. Ryuk is often used to target financial institutions.
Unfortunately, it takes duping only one person using a network to gain access and insert malware, so even the most sophisticated organizations can be preyed upon by clever cybercriminals. Fraudsters asserted they gained data pertaining to prepaid cards from TSYS. However, according to the company, this is not true. “We experienced a ransomware attack involving systems that support certain corporate back office functions of a legacy TSYS merchant business,” TSYS said in a statement. “We immediately contained the suspicious activity and the business is operating normally. ... Transaction processing is conducted on separate systems, has continued without interruption and no card data was impacted. We regret any inconvenience this issue may have caused. This matter is immaterial to the company.”
So, it looks like TSYS structured its networks to limit the potential impact of bad actors. The processor also acted swiftly to contain potential damage. TSYS did not state whether it paid ransom, but the Krebs on Security website, reported that Conti typically only publishes data from victims that refuse to negotiate a ransom payment.
This is a good reminder that we all need to structure networks for minimal potential impact by cybercriminals, render stolen data useless to thieves, and educate all network users on how to prevent being a victimized by criminals eager to do harm.
What issues are on your mind as we embark upon a new year? What questions do you have? Let us know at greensheet@greensheet.com. 
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Prev Next
