- Checkout.com refuses to pay a ransom to ShinyHunters following breach
- It will donate the ransom amount to two universities instead
- CTO Mariano Albera stresses “security, transparency and trust”
Checkout.com CTO Mariano Albera has confirmed the company was targeted by a digital extortion attempt by the group ShinyHunters during the first week of November 2025, but the outcome might not be as you’d expect.
Attackers accessed a legacy third-party cloud file storage system that had not been properly decommissioned by Checkout.com, affecting internal operation documents and merchant onboarding materials from 2020 and before.
“We estimate that this would affect less than 25% of our current merchant base,” Albera noted.
Because of the nature of the breach, live payment processing systems have not been impacted, and the attackers did not access merchant funds or card numbers.
CTO Mariano Albera publicly apologized for the incident, taking full responsibility for the oversight. However, Checkout.com confirmed it would not pay the ransom demanded by ShinyHunters: “We will not be extorted by criminals. We will not pay this ransom.”
The company has opted to donate the ransom amount to Carnegie Mellon University and the University of Oxford Cyber Security Center “to support their research in the fight against cybercrime.”
“Security, transparency and trust are the foundation of our industry. We will own our mistakes, protect our merchants, and invest in the fight against the criminal actors who threaten our digital economy,” Albera added.
Checkout.com has been praised for its transparency and refusal to fund criminal activity. It’s unclear how much has been donated to the two university research centers.
In the meantime, Checkout.com is contacting impacted customers and coordinating with law enforcement and regulators.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
The post Hacked company CTO refuses to pay ransom demand, donates money to funding research instead first appeared on TechToday.
This post originally appeared on TechToday.