AvidXchange, a payment software company, has suffered a second ransomware attack this year, with hackers publishing sensitive data, including non-disclosure agreements, payroll information, and corporate bank account numbers, stolen during the attack.
The hackers, RansomHouse, demanded that AvidXchange contact them to prevent the data from being leaked. The company, which provides cloud-based software to automate invoice processing and payment management, processed 70 million transactions for 8,000 customers in 2022.
The leaked data also includes login details, among them easily guessable passwords containing derivations of the company’s name and the word “password” itself. According to the document, some of the login details are still in use for a range of systems, including cloud accounts, security software, smart door locks, and surveillance cameras.
AvidXchange has confirmed that some data from its systems was exfiltrated and its investigation is ongoing, but it remains unclear how many customers and employees have been affected by the breach.
RansomHouse, which describes itself as a “professional mediators community,” also claimed responsibility for cyberattacks on chipmaker AMD and Africa’s largest retailer Shoprite.
The group targets organizations that have a “negligent attitude to the privacy and security of their customers’ personal data.” The attack on AvidXchange is the company’s second this year, following a mass-hack targeting Fortra GoAnywhere systems in which AvidXchange was one of 130 victims.