LAST UPDATED Loading...

Nayax Allegedly Breached With Payment Card and Customer Data Claimed Stolen

A threat actor claims to have compromised Nayax and stolen more than 100TB of payment card data, customer records, source code, and internal company information, though the claims remain unverified.
Screenshot of a cybercrime forum post alleging a breach of Nayax and claiming the theft of payment card data, customer records, source code, and other internal information.
A forum post alleges that Nayax was compromised and claims more than 100TB of payment card data, customer information, source code, and internal documents were stolen. The claims have not been independently verified by BreachNews.

A threat actor has claimed responsibility for an alleged breach of payment technology provider Nayax, asserting that it exfiltrated more than 100TB of internal company data, including payment card information, customer records, source code, financial documents, and internal credentials.

The claims were published on a cybercrime forum alongside a dedicated leak site threatening to release the purportedly stolen data on July 21. At the time of publication, the claims had not been independently verified, and Nayax had not issued any public statement.

Threat actor claims long-term access

According to the forum post, the threat actor allegedly maintained access to Nayax’s environment for nearly a year before exfiltrating data. However, no evidence has been presented that independently verifies the duration of the alleged compromise or the scale of the claimed data theft.

The actor claims the stolen information includes payment card data, Know Your Customer (KYC) records, transaction histories, customer identities, internal API keys, infrastructure documentation, database exports, source code repositories, financial records, email communications, and ERP platform data. Similar claims involving source code and cloud credentials have surfaced in other recent alleged breaches, including Accenture’s alleged source code and cloud credential leak, though the circumstances surrounding each incident differ.

The forum post also alleges that more than 1 billion payment card records were obtained. BreachNews has not independently verified that claim.

Release threatened for July 21

The threat actor claims the alleged dataset will be published on July 21 through an online portal that would allow users to search and download portions of the purportedly stolen information.

The actor also claimed it would provide advance notice before the planned publication and made statements encouraging market participants to trade on the anticipated release. There is no evidence that the claimed dataset exists in the form described or that any public release will occur.

Public company faces unverified extortion claim

Nayax develops payment and commerce technology for unattended retail environments, including vending machines, parking systems, laundromats, and self-service kiosks. The Israeli fintech company operates globally and is publicly traded on both the Nasdaq and the Tel Aviv Stock Exchange.

While large-scale breach claims involving payment data can pose significant risks if confirmed, threat actors have previously exaggerated the volume or sensitivity of allegedly stolen information to increase pressure on victims during extortion attempts.

Nayax had not issued any public statement at the time of publication, and there is currently no independent confirmation that the company experienced the breach described by the threat actor.

Picture of m00s3c

m00s3c

Moose (@m00s3c) is the author of BreachNews, focusing on data breach intelligence, dark web monitoring, and threat analysis. His work involves analyzing breach claims, reviewing leaked datasets, and tracking threat actor activity to provide clear, factual reporting.

Latest News

Newsletter signup

Get the latest data breach and security news.

Please wait...

Thank you for signing up!

BREACHNEWS.COM/SUPPORT/

Support Independent News.

Help support breach monitoring, investigations, infrastructure, and reporting.

Support the site
INTEL.BREACHNEWS.COM

Live Cyber
Threat Map

Explore live cyber activity, recent breach reports, KEV alerts, and public threat feeds from a single interactive dashboard.

Launch Threat Map