n early November 2025, the global payments firm was targeted by ShinyHunters, a well-known cybercrime group. The attackers accessed a legacy third-party cloud storage system that remained online despite no longer being actively used. The exposed data included internal operational documents and merchant onboarding materials dating to 2020 and earlier.