UK Fintech checkout.com ignores ransom demand, pledges the funds to cyber research

In a bold move challenging the lucrative cyber-extortion business, UK fintech giant Checkout.com has publicly refused to pay a ransom demanded by the notorious hacking group ShinyHunters following a recent data breach. Instead of funding the criminal enterprise, the company has pledged to donate the undisclosed ransom amount to leading cybersecurity research centers at Carnegie Mellon University and the University of Oxford.

The attack, which Checkout.com disclosed this week, exploited a legacy third-party cloud file storage system that had not been properly decommissioned, holding internal operational documents and merchant onboarding materials from 2020 and prior years.

A principled stand

Mariano Albera, Checkout.com’s Chief Technology Officer (CTO), delivered the uncompromising message in a statement: "We will not be extorted by criminals. We will not pay this ransom. Instead, we are turning this attack into an investment in security for our entire industry."

While the company did not disclose the specific amount demanded, the donation is intended to support cybercrime research at the two prestigious institutions, directly contributing to the global effort to combat increasingly sophisticated digital threats.

Full transparency and responsibility

In a rare demonstration of corporate transparency post-breach, Mr. Albera took "full responsibility" for the security lapse, which affected less than 25% of the company’s current merchant base.

"This was our mistake, and we take full responsibility," Albera stated. "We regret that this incident has caused worry for our partners and people."

According to the statement, the company’s core payment processing platform, merchant funds, and card numbers were not compromised during the incident. The breach was contained to the legacy system.

The bigger picture

This incident and Checkout.com’s response underscore a growing debate within the cybersecurity community about the ethical and practical implications of paying ransoms. Security experts often argue that paying extortionists only fuels the profitability and prevalence of future attacks.

By redirecting the funds into research, Checkout.com is attempting to set a new precedent for corporate crisis management, shifting the focus from damage control to systemic improvement for the broader fintech ecosystem. The company is actively notifying all potentially impacted merchants and cooperating with law enforcement and regulators.