AvidXchange hit by a second major ransomware attack this year

Ransomware attack on a computer
(Image credit: Kaspersky)

AvidXchange has suffered its second major ransomware attack of 2023 after hackers published a sample of the stolen data on their website and demanded a ransom be paid as soon as possible. 

The payment software company was attacked by a ransomware group calling itself RansomHouse, which has since leaked super sensitive information that can easily be used to commit acts of fraud and requiring the best identity theft protection to combat.

The data stolen includes non-disclosure agreements, employee payroll information, as well as corporate bank account numbers, the publication says, after analyzing a small sample. Other data stolen includes system login details, and answers to security questions for things such as cloud accounts and security software (smart door locks, surveillance cameras, and more). Analysis of this information showed that employees were using weak and easily guessable passwords, such as a derivation of the AvidXchange name together with the word “password”. 

Investigation ongoing

In fact, it would seem that some of the passwords are yet to be changed. 

In response to the leak, the company published a short statement on its website, saying it happened in early April, that it affected “some” of its systems, and that “some data”, was stolen. It further added that the investigation is ongoing. 

On Monday, the company held a first-quarter earnings call, TechCrunch added, during which it said it expected more costs due to the attack. Spokesperson Olivia Sorrellis, however, did not want to say if AvidXchange got a ransom demand, or if it paid it. 

AvidXchange is a cloud-based payments software provider, helping businesses automate invoicing and payment management. 

It is located in North Carolina, and in 2020 counted 1,500 employees and more than 7,000 customers, as per its website. It processed roughly 53 million transactions with more than $145 billion in spend under management in 2020 alone, and paid more than 700,000 suppliers in five years. 

Via: TechCrunch

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.