Payment services provider Checkout.com is taking an unusual approach to dealing with a recent cybercrime extortion demand. Instead of paying the demanded amount, the company has decided to donate it to fund cybercrime research.
CTO Mariano Albera took full responsibility for the security incident and apologized to partners and customers, stating that his company will not be extorted by criminals. The company’s internal investigation found that hackers gained access to a “legacy third-party cloud file storage system” that wasn’t properly decommissioned in 2020.
The breach affected less than 25% of Checkout.com’s merchant base, but the company is working closely with law enforcement and regulators to address the issue. What’s notable is that Albera said the company will not pay the ransom demand, instead choosing to support cybercrime research.
“We are sorry,” Albera wrote. “Security, transparency, and trust are the foundation of our industry. We will own our mistakes, protect our merchants, and invest in the fight against the criminal actors who threaten our digital economy.”
Checkout.com’s decision not to pay the ransom demand is a refreshing change from typical responses to cybercrime incidents. By taking ownership and donating the amount to support cybercrime research, the company is setting an example for other organizations to follow.
Source: https://www.theregister.com/2025/11/13