Accounting software provider Tipalti investigating alleged ransomware attack

Accounting software giant Tipalti said it is investigating reports of a ransomware attack after a gang spent the weekend attempting to extort the company and its customers.

Accounting software giant Tipalti said it is investigating reports of a ransomware attack after a gang spent the weekend attempting to extort the company and its customers.

On Saturday, the Black Cat/AlphV ransomware gang claimed that it attacked the California-based company and began to threaten several of its most well-known customers, including Roblox, Twitch and others.

Tipalti did not respond to requests for comment but released a statement on Monday afternoon on social media sites.

“Over the past weekend, a ransomware group claimed that they allegedly gained access to confidential information belonging to Tipalti and its customers,” the company said.

“Tipalti takes the security of our systems and data very seriously and has strong security protocols and tools in place. We are thoroughly investigating this claim.”

The company makes software for accounting and payment automation, processing more than $50 billion in payments annually through a customer base of over 3,500. Since emerging in 2010, Tipalti has slowly become one of the largest accounting software firms, winning numerous awards this year for its products.

BlackCat/AlphV reposted the company to its leak site on Monday, claiming that it was reaching out to the Tipalti customers from which it stole the most amount of data.

The gang has shown a particular interest in the financial services industry.

Black Cat/AlphV caused widespread outages on point-of-sale technology used widely by restaurants after an April attack on payment processing giant NCR.

In the last month alone, two attacks have caused real-world effects on people and companies.

The first incident, involving financial software company MeridianLink, drew headlines because the gang reported the company to the Securities and Exchange Commission because it didn’t file its own report. Later, an attack on Fidelity National Financial — a Fortune 500 provider of title insurance for property sales — caused significant outages that snarled thousands of home purchases, stopping hundreds of owners from completing their deals.

Those attacks came after the group caused the shutdown of parts of Las Vegas following their infiltration and crippling of MGM Resorts in August.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Military cyber advocacy group taps first president to harness growing ‘hive mind’

Next Post

Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks

Related Posts

MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices

The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them," the non-profit said
Read More