Nationwide Payment Disruption
BridgePay Network Solutions, a major U.S. payment gateway processing transactions for merchants across the country, has been completely offline since February 6, 2026 following a ransomware attack. As of February 10, the outage stretches past four days with no confirmed timeline for restoration.
Every BridgePay service is down:
- BridgeComm API — Gateway API for transaction processing
- PayGuardian Cloud API — Cloud payment processing
- MyBridgePay — Virtual terminal for manual transactions
- Hosted Payment Pages — Online checkout forms
- PathwayLink — Gateway routing
Cascading Impact
The attack has forced merchants, municipalities, and commerce platforms to scramble for alternatives:
| Affected Entity | Impact |
|---|---|
| City of Palm Bay, FL | Unable to process utility payments |
| City of Frisco, TX | Municipal payment systems disrupted |
| Lightspeed POS | Merchants on BridgePay integration unable to process cards |
| ThriftTrac | Thrift store POS systems offline |
| Nationwide merchants | Cash-only or switching processors |
Timeline
Feb 6, 3:29 AM EST — BridgePay detects unauthorized access
Feb 6, morning — All services taken offline as precaution
Feb 7 — FBI and U.S. Secret Service engaged
Feb 8 — Forensic investigation confirms ransomware
Feb 9 — No payment card data compromise (initial finding)
Feb 10 — Day 4 — systems still offlineWhat We Know
Initial Forensics
BridgePay's forensic investigation has so far found no evidence that payment card data was compromised. The attack appears to have targeted operational systems rather than payment data stores, though the investigation is ongoing.
Law Enforcement
Both the FBI and U.S. Secret Service are actively engaged in the investigation, indicating the severity and potential national security implications of the attack.
Lessons for Business Continuity
This incident is a stark reminder of third-party dependency risk in payment infrastructure.
Key Takeaways
- Payment processor redundancy — Organizations should maintain relationships with backup payment processors that can be activated within hours, not days
- Cash-handling procedures — Staff should be trained on manual payment acceptance for extended outages
- Vendor SLAs — Payment gateway contracts should include recovery time objectives (RTOs) and penalties for extended outages
- Incident communication — BridgePay's status page updates have been criticized for lacking detail — ensure your vendors have transparent incident communication
- Supply chain risk assessment — Regularly evaluate the ransomware resilience of critical third-party providers
The Broader Trend
Ransomware actors are increasingly targeting infrastructure chokepoints — single points of failure that maximize disruption:
- 2024: Change Healthcare (insurance claims processing)
- 2025: CDK Global (auto dealership management)
- 2026: BridgePay (payment gateway)
Each attack demonstrates that compromising one infrastructure provider can cascade across thousands of downstream businesses.
Sources
- BleepingComputer — BridgePay Confirms Ransomware Attack
- Infosecurity Magazine — BridgePay Confirms Ransomware, No Card Data Compromised
- Payment Expert — BridgePay Outage Enters Fourth Day