Nayax refuses The Syndicate's extortion demand and narrows its disclosed breach scope
UPDATE · originally covered Nayax (Bank-of-Lithuania-licensed EEA payment institution) discloses a cloud-account incident; "The Syndicate" claims 1B card records — claim unverified and contradicted by the filing (2026-07-09)
Nayax Ltd. — whose Nayax Europe UAB subsidiary is a Bank-of-Lithuania-licensed payment institution serving EEA enterprises — issued a 14 July status update on the cloud-account incident The Syndicate claimed. Its board of directors "has resolved not to comply with criminal extortion demands," on the stated grounds that compliance would not serve customers', partners', employees' or shareholders' long-term interests (Nayax Ltd., 2026-07-14). Nayax narrowed the disclosed exfiltrated data to a backup of scanned documents, other business information, and mainly a backup of payment-transaction records that it says excludes sensitive payment-authentication data (cardholder names, CVV, ID information), adding that most affected transactions used digital-wallet single-use tokens it describes as valueless if disclosed. It also states remediation is complete and its systems are confirmed free of unauthorized access (Nayax Ltd., 2026-07-14).
The Company's Board of Directors has resolved not to comply with criminal extortion demands.
The Company's systems have been cleared and based on its investigation to date, confirmed to be free of unauthorized access.
ATT&CK mapping
1 technique mapped from the cited reporting · MITRE ATT&CK v19.1
Collection TA0009
T1530Data from Cloud Storage
Adversaries may access data from cloud storage.
Update chain
AI-generated · no human review · this permalink is the shareable record for the finding · verify operationally critical claims against the linked primary source.