Toronto-based Moneris, a tech company established by Canada’s major banks, recently reported halting a ransomware attack aimed at their systems. Despite being listed on a cybercrime group’s data leak site, the company’s cybersecurity team successfully prevented access to critical data, with no ransom demand made, as confirmed by a spokesperson responding to Recorded Future News.
The Medusa ransomware gang purportedly targeted Moneris, setting a nine-day ultimatum to pay a $6 million ransom to acquire or delete the compromised data. However, Moneris confirmed an external attempt to breach their networks, followed by a thorough audit that revealed no violations of their Digital Loss Prevention policies.
While Moneris didn’t disclose the attack’s timeline or whether a ransom was paid, the company emphasized its cybersecurity priority and the dedicated team managing cyber risks, ensuring minimal impact on Moneris and its customers.
As a joint venture between the Royal Bank of Canada and Bank of Montreal, Moneris has emerged as Canada’s largest payment processor, serving over 325,000 merchant locations nationwide.
This incident follows Moneris’ previous system outages in September, impacting multiple Canadian businesses.
The Medusa gang has been linked to various high-profile attacks in 2023, targeting entities like an Italian water provider, a major Minnesota school district, the French town of Sartrouville, Tonga’s state-owned telecom, and recently, the Philippines’ universal healthcare system.