Financial automation technology firm Tipalti has shared an update on the ongoing data breach story. The company responded to the queries with an online statement yesterday. The Tipalti breach happened over the weekend wherein a ransomware group, known as ALPHV, gained unauthorized access to confidential information belonging to Tipalti and its clients.
Tipalti, renowned for its technology solutions in accounting, payment processing, eCommerce, and affiliate and influencer programs, assures its customers that it takes the security of its systems and data seriously, emphasizing the implementation of robust security protocols and tools. The company is actively investigating the alleged Tipalti breach.
Tipalti Breach Update: Investigation in Process
The FinTech giant services a notable clientele, including well-known companies like Twitch, Roblox, ZipRecruiter, Roku, GoDaddy, Canva, and X. The repercussions of this incident have extended to direct clients such as Roblox and Twitch, both experiencing subsequent data breaches.
The company’s notice over the Tipalti breach states, “Over the past weekend, a ransomware group claimed that they allegedly gained access to confidential information belonging to Tipalti and its customers. Tipalti takes the security of our systems and data very seriously and has strong security protocols and tools in place. We are thoroughly investigating this claim.”
Specializing in accounting software, Tipalti caters to 910 companies primarily in the United States, processing over $50 billion in payments annually for a customer base exceeding 3,500. Since its inception in 2010, Tipalti has steadily grown to become one of the largest accounting software firms, earning accolades for its products.
The ALPHV Ransomware Gang Attack
The ALPHV ransomware gang made the Tipalti breach public by reposting details on its leak site, asserting that it had infiltrated Tipalti’s network since September 8th. The threat actors claim to have exfiltrated 265 GB of data during this time, including sensitive information related to Twitch and Roblox, which they intend to extort separately.
In a now-deleted post on the ALPHV data leak site, the ransomware gang revealed, “We have remained present, undetected, in multiple Tipalti systems since September 8th, 2023.” The stolen data encompasses confidential business information, as well as details of Tipalti’s employees and clients.
The threat actors have announced their commitment to this exfiltration operation, intending to reach out to the affected companies once the market opens on Monday, anticipating a more substantial amount of data by then.
An additional update from the ransomware gang indicates that they are now in communication with Tipalti customers individually, signaling their intention to extort them. The specific customers affected by the Tipalti breach remain unclear, with the threat actors only confirming access to data about Twitch and Roblox.
As the investigation unfolds, Tipalti and its clients are urged to remain vigilant in light of this security incident, with the company actively addressing the situation to mitigate potential risks and safeguard the integrity of its systems and the data of its valued customers.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
