Accounting software provider Tipalti investigating alleged ransomware attack
Accounting software giant Tipalti said it is investigating reports of a ransomware attack after a gang spent the weekend attempting to extort the company and its customers.
On Saturday, the Black Cat/AlphV ransomware gang claimed that it attacked the California-based company and began to threaten several of its most well-known customers, including Roblox, Twitch and others.
Tipalti did not respond to requests for comment but released a statement on Monday afternoon on social media sites.
“Over the past weekend, a ransomware group claimed that they allegedly gained access to confidential information belonging to Tipalti and its customers,” the company said.
“Tipalti takes the security of our systems and data very seriously and has strong security protocols and tools in place. We are thoroughly investigating this claim.”
The company makes software for accounting and payment automation, processing more than $50 billion in payments annually through a customer base of over 3,500. Since emerging in 2010, Tipalti has slowly become one of the largest accounting software firms, winning numerous awards this year for its products.
BlackCat/AlphV reposted the company to its leak site on Monday, claiming that it was reaching out to the Tipalti customers from which it stole the most amount of data.
The gang has shown a particular interest in the financial services industry.
Black Cat/AlphV caused widespread outages on point-of-sale technology used widely by restaurants after an April attack on payment processing giant NCR.
In the last month alone, two attacks have caused real-world effects on people and companies.
The first incident, involving financial software company MeridianLink, drew headlines because the gang reported the company to the Securities and Exchange Commission because it didn’t file its own report. Later, an attack on Fidelity National Financial — a Fortune 500 provider of title insurance for property sales — caused significant outages that snarled thousands of home purchases, stopping hundreds of owners from completing their deals.
Those attacks came after the group caused the shutdown of parts of Las Vegas following their infiltration and crippling of MGM Resorts in August.
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.