Moneris Solutions impacted by Medusa ransomware, claims no 'critical' data exposed

The Medusa ransomware group has targeted Moneris Solutions Corp., a major Canadian payment processing firm formed by a partnership between two of the nation's largest banks. Medusa has posted a ransom demand of $6 million on their blog and threaten to release the stolen data publicly if their demands are not met within eight days.

Moneris provides credit and debit card processing and  e-commerce solutions for retailers through the Wix platform, enhancing the digital payment infrastructure with features like digital wallets and eGift cards. They serve over 325,000 retailers.

Moneris Solutions, confirmed that an external attempt to access their systems was detected and blocked by their cybersecurity team. They emphasized that their actions prevented any breach of critical data and that subsequent comprehensive audits affirmed the effectiveness of their digital loss prevention policies. Moneris has not disclosed any details about the attack nor defence actions.

Despite the ransomware group's claims, including posting purported screenshots of Moneris data, the company stands by its assessment that no sensitive data was compromised.

The credibility of the Medusa group's claims is brought into question, since it's not the first time that Medusa has claimed victims without subsequently providing any proof of the data theft.

Update - The Medusa ransomware group claims to have published data stolen from Moneris Solutions. Moneris had downplayed the breach, stating no critical data was accessed. Medusa alleges they have employee and client accounts, ID numbers, contracts, financial reports, and more. Moneris acknowledged that a corporate shared drive was compromised, revealing merchant IDs and details related to legacy gift cards.