A major ransomware attack on BridgePay Network Solutions has caused a nationwide payment processing outage, forcing merchants across the United States to switch to cash-only operations and disrupting card transactions for municipalities and businesses alike.
Ransomware Confirmed Within Hours
BridgePay confirmed late Friday, February 6, 2026, that ransomware was responsible for the incident that began in the early morning hours. The company has engaged federal law enforcement, including the FBI and U.S. Secret Service, along with external forensic and recovery teams.
“Initial forensic findings indicate that no payment card data has been compromised,” BridgePay stated in an update on their status page, adding that any accessed files were encrypted and there is currently “no evidence of usable data exposure.”
Merchants Report Widespread Disruption
As the outage spread, merchants and organizations across the country began informing customers they could only accept cash payments. Restaurants, retail stores, and municipal offices were all affected by the disruption.
The City of Palm Bay, Florida announced: “BridgePay Network Solutions, our third-party credit card processing vendor, is experiencing a nationwide service disruption. As a result, the City’s online billing payment portal is currently unavailable.”
Other impacted organizations include:
- Lightspeed Commerce — reported service impacts affecting their payment integrations
- ThriftTrac — experienced processing disruptions
- City of Frisco, Texas — reported municipal payment issues
Critical Systems Taken Offline
BridgePay’s status page showed major outages across core production systems, including:
- BridgePay Gateway API (BridgeComm)
- PayGuardian Cloud API
- MyBridgePay virtual terminal and reporting
- Hosted payment pages
- PathwayLink gateway and boarding portals
Early warning signs appeared around 3:29 a.m. when monitoring detected degraded performance across multiple services. The intermittent degradation eventually cascaded into a full system outage.
Why This Matters
This attack highlights the cascading impact of ransomware targeting payment infrastructure. Unlike attacks on individual businesses, striking a payment gateway creates immediate, widespread real-world consequences:
- Business continuity: Merchants unable to process cards lose revenue and customer trust
- Municipal services: Government offices cannot collect utility payments or process transactions
- Supply chain ripple: Third-party integrators like Lightspeed Commerce face downstream impacts
- Consumer inconvenience: Customers forced to find cash in an increasingly cashless economy
The ransomware group responsible has not been publicly identified. BridgePay stated that recovery is being handled “in a secure and responsible manner” while the forensic investigation continues.
This incident adds to the growing wave of ransomware attacks targeting critical payment infrastructure, where outages quickly ripple through real-world commerce when transaction pipelines go down.
