Payment processing platform Checkout.com has taken an unusual approach following a recent cyber attack, publicly apologizing for the breach and announcing that it will donate the ransom amount to support cybersecurity research. The incident involved the ShinyHunters hacking group, which accessed data from a legacy third-party cloud storage system previously used by Checkout.com for internal operations and merchant onboarding. According to Mariano Albera, CTO of Checkout.com, less than 25 percent of the company’s current merchant base was affected, and no payment card information was compromised. The breach was limited to a system used before 2020, ensuring that active customer payment platforms remained secure.
Rather than responding with standard corporate language such as “we are investigating” or “we take security seriously,” Checkout.com chose to acknowledge responsibility and say sorry. The company explicitly communicated the incident and assured stakeholders that it would not succumb to ransom demands. Instead, it will donate the ransom amount to Carnegie Mellon University and the University of Oxford Security Center to support research in the fight against cybercrime. This decision highlights a rare combination of transparency, accountability, and a proactive stance on contributing to cybersecurity knowledge, contrasting with the common corporate approach of avoiding direct acknowledgment of breaches.
Despite the positive response, the breach underscores the risks associated with legacy systems that remain accessible, unmonitored, and unpatched. While Checkout.com’s handling of the incident was praised for transparency and responsibility, the root cause was a decommissioned system that was not fully secured. Cybersecurity experts emphasize that organizations must identify and remediate vulnerabilities in older infrastructure to prevent similar incidents. Legacy platforms often contain sensitive information, and attackers can exploit such systems if proper monitoring and security controls are not applied.
The situation serves as a reminder for businesses to adopt proactive measures in securing their IT environments. Security teams are advised to conduct pre-mortem exercises, auditing all existing systems, identifying forgotten or unmonitored platforms, and verifying that credentials and access controls are appropriately managed. By addressing potential vulnerabilities before they are exploited, organizations can reduce the likelihood of breaches and avoid the difficult position of having to publicly apologize while managing reputational and operational impacts. Checkout.com’s approach demonstrates that clear communication, accountability, and investment in cybersecurity research can help restore trust, but it also reinforces the importance of maintaining a secure and well-monitored IT infrastructure.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
