BridgePay Payment Gateway Hit by Ransomware, Causing Nationwide Outages

BridgePay Network Solutions, a U.S. payment gateway provider, reports a ransomware attack that caused a nationwide outage, disrupting credit card processing for thousands of merchants and government entities. 

The attack was detected with degraded performance in the Gateway.Itstgate.com virtual terminal around 3:29 a.m. EST on February 6, 2026, before escalating into a full system failure. 

Attackers deployed ransomware that encrypted core production systems, including the BridgePay Gateway API (BridgeComm) and PayGuardian Cloud API. 

Initial forensic assessments indicate that the attackers accessed files but primarily focused on encryption instead of data theft. The compromised data is expected to include:

• Internal system files (encrypted)
• Administrative records
• Gateway configuration data
• API metadata

The number of affected individuals is not disclosed. BridgePay claims that no payment card data was compromised during the event.

BridgePay isolated affected systems, engaged external cybersecurity specialists and notified law enforcement. The company is working with the U.S. Secret Service forensic team to conduct system clearances before bringing services back online. Affected partners were forced to implement manual workarounds or cash-only operations during the downtime.