Hacked Company CTO Refuses to Pay Ransom Demand, Donates Money to Funding Research Instead

Summary

Checkout.com’s CTO Mariano Albera confirmed that the payments firm was hit by a digital extortion attempt by the ShinyHunters group in early November 2025, when attackers accessed a legacy third‑party cloud storage containing internal documents and merchant onboarding files from 2020 and earlier. The breach affected less than 25% of the merchant base and did not compromise live payment systems, card data, or merchant funds. Checkout.com publicly refused to pay the ransom, opting instead to donate the demanded amount to Carnegie Mellon University and the University of Oxford Cyber Security Center to fund anti‑cybercrime research. The company is notifying affected customers and cooperating with law enforcement and regulators.