Nayax Board Rules Out Ransom Payment After Hackers Breach Subsidiary Cloud Account and Threaten to Dump 100TB of Data
Nayax Board Rules Out Ransom Payment After Hackers Breach Subsidiary Cloud Account and Threaten to Dump 100TB of Data #
Israeli payments and loyalty fintech Nayax (NASDAQ: NYAX; TASE: NYAX) has refused to pay a criminal extortion demand following a cyberattack in which data was stolen from a cloud account belonging to one of its subsidiaries, the company disclosed in an update filed with the U.S. Securities and Exchange Commission on 14 July 2026.
Nayax first reported the incident on 8 July, telling the SEC it had detected anomalous activity inside a subsidiary’s cloud account and had immediately blocked and contained the affected environment. The company said it had engaged external cybersecurity experts and notified law enforcement in both Israel and the United States.
A threat actor calling itself TheSyndicate claimed credit for the intrusion, alleging it had exfiltrated more than 100TB of material, including more than one billion payment card records, KYC identity files, internal API credentials, database dumps, and source code, and threatening to publish the data through a dedicated portal on 21 July 2026 unless a ransom was paid.
In its 14 July update, Nayax confirmed that some data had been taken but described the stolen material more narrowly. According to the company, the exfiltrated files consist of a backup of scanned documents, general business information, and backup copies of payment transaction records. The company said the transaction backups do not contain sensitive payment authentication data such as cardholder names, CVV codes, or identification numbers, because Nayax does not collect or generally retain such information. It also noted that a large share of the underlying transactions were processed through digital wallets such as Apple Pay and Google Pay, which use single-use tokenization, limiting the practical value of the data to an attacker.
Nayax’s Board of Directors resolved not to comply with the extortion demand, concluding that doing so would not be in the long-term interests of its customers, partners, employees, or shareholders. The company said it is cooperating with law enforcement authorities, which are conducting an active investigation.
Nayax said its technical remediation and system review are complete and that its production environment and core systems were never compromised. All customer safeguarded funds were confirmed untouched, and business operations are continuing normally. The company said it has incurred, and may continue to incur, costs linked to the response and investigation, but does not currently expect the incident to have a material effect on its financial condition or results of operations.
Nayax, headquartered in Herzliya, Israel, reported revenues of $400 million for 2025, a 24% year-on-year increase, alongside a shift to net profitability.