Cross Switch payment gateways suffers data breach, exposes over 3 million individuals

published: Jan. 3, 2024

Learn More

Cross Switch, a prominent online payment gateway management firm, is grappling with a significant data breach perpetrated by a ransomware group IntelBroker. Cross Switch, headquartered in Luxembourg, is a leading pan-Africa focused Payment Service Provider (PSP), offering a wide range of financial technology solutions designed to meet the needs of both local and international clients.

IntelBroker has publicized the breach on dark web forums, announcing the leak of Cross Switch's database.  In the post, IntelBroker announced the availability of Cross Switch's database for download. The post did not clarify the reasons behind the data leak or what IntelBroker intended to achieve by exposing such a vast amount of personal information.

The breach exposed extensive personal data, including:

  • names,
  • emails,
  • phone numbers,
  • messages,
  • physical addresses,
  • banking details,
  • bearer tokens,
  • birth dates,
  • usernames.

The breach is apparently affecting 3.6 million users.

Cross Switch has yet to publicly address the incident, and provide additional details about the nature of the attack and how they will protect the users.

Cross Switch payment gateways suffers data breach, exposes over 3 million individuals