U.S. financial services provider Billtrust experienced an outage affecting all of its services after some of the company's computing systems were impacted by a malware attack on October 17.
While Billtrust did not make the attack public, a service interruption notice published by one of their customers, Wittichen Supply Company, says that the customer invoicing and online bill payment vendor notified them of a malware attack.
"We were notified late yesterday that BillTrust, our third party vendor for customer invoicing and online bill payment, was the subject of a Malware attack. BillTrust is working with federal law enforcement and cyber security firms to investigate and remediate the attack," says the notice.
"Currently, all BillTrust services are down, which affects our ability to deliver invoices and present our online billpay portal to you."
Systems restored from backups
The company also told Wittichen Supply Company that none of its customers' data was compromised in the attack and that they are working to restore services on a measured schedule due to the volume of data involved.
In an update Billtrust sent on Friday, October 18, 6:00 P.M. ET, they also listed the services that were already operational and the ones that still had problems:
• Billtrust eCommerce (Second Phase) – up and operational.
• Billtrust Virtual Card Capture – scheduled to be up and running on Saturday, October 19 with a plan to work through the weekend to begin catching up on back log.
• Billtrust Cash Application – over the next 12-24 hours, we intend to bring Cash Application customers live starting with processing of lockbox and open balance files.
• Billtrust Billing & Payments – Billing and Payment websites will be turned on this evening followed by FTP connectivity. We expect card payment processing to resume this evening and ACH processing to resume on Monday, October 21 but will update you if anything changes.
• Billtrust VueBill – please contact your account representative for specific details.
Six hours later, Billtrust also notified Wittichen Supply Company that they have deployed forensic software on most of their systems as part of an ongoing investigation of the incident.
The company also assured the customer that their data is backed up regularly "in preparation for events like this" and that progress is being made in restoring the rest of the affected services.
Possible ransomware attack
A subsequent update published on Wittichen Supply Company's website on October 21, 8:00 A.M. CST, says that "Billtrust systems continue to come back online, and we are in the process of catching up the missing data from the outage."
Also, "As of this update, you should be able to access our Online BillPay Portal to view invoices and account payments through 10/16/2019 and make payments online. We hope to have invoices and payments from the 17th – 20th uploaded to BillTrust soon."
While the company has not indicated the type of cyberattack, a source familiar with the matter told BleepingComputer that the company was affected by the BitPaymer ransomware.
Furthermore, given that BillTrust has stated that they are in the process of restoring their systems from backups, this further indicates that they were affected by a ransomware attack.
BleepingComputer has emailed the company for confirmation but had not heard back as of yet.
B2B order-to-cash market leader
Billtrust has 565 employees in 22 states and is a "leader in B2B order-to-cash solutions" as per a press release the company published on October 1. Billtrust was also behind more than $30 billion in ACH and card payments processed in 2019 according to its website.
"Billtrust accelerates cash flow by automating credit decisioning and monitoring, invoice delivery, payment capture, cash application, and collections," says the same press release.
The company also launched the Business Payments Network (BPN) platform last year in collaboration with Visa "to close the gap that exists between buyers and suppliers when it comes to payments."
Several high-profile financial institutions were also added to the platform since its launch, including J.P. Morgan, Comdata, and Priority Commercial Payments.
H/T Kevin Beaumont
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now