Payment software giant AvidXchange suffers its second ransomware attack of 2023Reading Time: 2 minutes
Hackers have published a trove of sensitive data stolen from payment software company AvidXchange after the company fell victim to ransomware for the second time this year.
AvidXchange provides cloud-based software that helps organizations automate invoice processing and payment management processes. The North Carolina-based company says it processed 70 million transactions for 8,000 customers in 2022.
A ransomware group called RansomHouse claimed responsibility for the recent cyberattack on AvidXchange.
‘Dear AvidXchange, We strongly recommend you to contact us to prevent your confidential data, documents from being leaked,’ a message on RansomHouse’s dark web leak site reads.
The leak also includes login details, including usernames, passwords and, in some cases, answers to security questions for a variety of the company’s systems, including cloud accounts and security software, through to smart door locks and surveillance cameras. The leaked login details suggest that AvidXchange uses easily guessable passwords with derivations of the company’s name and the word ‘password’ itself. Notes in the document suggest many of the logins may still be in use.
In a short statement on its website, AvidXchange said the incident ‘affected some of our systems and data.’ The company said its investigation is ongoing, but confirmed that it detected in early April that ‘some data from these systems was exfiltrated.’
RansomHouse, which has been active since 2021, describes itself as a ‘professional mediators community’ that targets organizations with a ‘negligent attitude to the privacy and security of their customers’ personal data.’ The ransomware gang also recently claimed chipmaker AMD and Africa’s largest retailer Shoprite as victims.
It remains unclear how AvidXchange was compromised, how many customers and employees are affected by the breach and whether AvidXchange has the means to determine what data was exfiltrated from its systems.
Clop’s dark web leak site currently lists data it allegedly stole from AvidXchange, including the company’s GoAnywhere backups.
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG