ISO, SOC2 Type 1, SOC2 Type 2, PCI DSS, HIPAA, GDPR

Checkout.com is a financial technology company that delivers a high-performance payments platform. Enterprise and scaling businesses use our cloud-based platform to process payments, send payouts, and manage card programs. Checkout.com is headquartered in London, with offices in New York, Paris, Dubai, Hong Kong, and other locations across six continents. Customers include global brands such as Sony, SHEIN, Wise, Patreon, and GE HealthCare.

Checkout.com A.I CyberSecurity Scoring

Checkout.com

Company Details

  • LinkedIn ID: checkout
  • Number of employees: 2,214
  • Number of followers: 262,397
  • NAICS: 52
  • Industry Type: Financial Services
  • Homepage: checkout.com
  • IP Addresses: Scan still pending
  • Company ID: CHE_3118574
  • Scan Status: In-progress

Checkout.com Risk Score (AI oriented)

Between 600 and 649

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums
Checkout.com Global Score (TPRM)

XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Checkout.com

Current Score: 630, Caa (Poor)
2 incidents
-128.0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

DECEMBER 2025: 630
NOVEMBER 2025: 628
OCTOBER 2025: 626
SEPTEMBER 2025: 623
AUGUST 2025: 619
JULY 2025: 615
JUNE 2025: 611
MAY 2025: 733
Ransomware
16 May 2025 • Checkout.com
Checkout.com Ransomware Incident by ShinyHunters (2025)

UK-based payment services provider **Checkout.com** experienced a security breach involving its **legacy third-party cloud file storage system**, compromised by the **ShinyHunters extortion group**. The attackers demanded a ransom, which the company refused to pay directly. Instead, Checkout.com redirected the demanded amount to **Carnegie Mellon University** and the **University of Oxford Cyber Security Center** to fund cybercrime research. The incident highlights risks associated with third-party cloud vulnerabilities, exposing potential data leaks or operational disruptions. While the company avoided direct ransom payment, the attack underscores the persistent threat of **ransomware-driven extortion** targeting financial service providers. The breach’s scope—whether customer or internal data was accessed—remains undisclosed, but the involvement of a high-profile threat actor suggests significant exposure risks. The decision to fund research rather than pay ransom aligns with ethical cybersecurity practices but does not eliminate the initial compromise’s impact on trust and system integrity.

605
critical -128
CHE5363553111725
ransomware, data breach, extortion
compromised legacy third-party cloud file storage
financial gain, extortion
legacy third-party cloud file storage
Brand Reputation Impact: potential negative impact (public disclosure of breach)
Payment Information Risk: potential (payment services provider)
donated ransom amount to cybercrime research (Carnegie Mellon University, University of Oxford); public denial of ransom payment via The Register
ongoing (implied by public disclosure)
legacy third-party cloud file storage
compromise of legacy third-party cloud storage; donation to cybercrime research instead of ransom payment
APRIL 2025: 733
MARCH 2025: 732
FEBRUARY 2025: 731
JANUARY 2025: 731
JUNE 2020: 770
Ransomware
16 Jun 2020 • Checkout.com
Checkout.com Ransomware Extortion Attempt by ShinyHunters (November 2025)

Checkout.com was targeted by the cybercriminal group **ShinyHunters** in early November 2025 via a **ransomware attack** exploiting a decommissioned third-party cloud storage system. The breach exposed **internal operational documents and merchant onboarding materials from 2020 and earlier**, affecting **less than 25% of its current merchant base**. While **no live payment systems, merchant funds, or card numbers were compromised**, the incident involved unauthorized access to legacy data. The company **refused to pay the ransom**, instead donating the demanded amount to **Carnegie Mellon University and the University of Oxford Cyber Security Center** to combat cybercrime. Checkout.com emphasized **transparency, accountability, and collaboration with law enforcement**, while contacting impacted customers and regulators. The breach highlighted vulnerabilities in legacy system decommissioning but did not disrupt core financial operations or expose sensitive financial data.

654
critical -116
CHE3702137111525
data breach, ransomware, extortion attempt
legacy third-party cloud file storage system (improperly decommissioned)
improper decommissioning of legacy cloud storage
financial extortion
internal operation documents; merchant onboarding materials (pre-2021); legacy third-party cloud file storage
Downtime: none (live payment processing systems unaffected)
Operational Impact: limited (less than 25% of current merchant base affected)
Brand Reputation Impact: positive (praised for transparency and refusal to pay ransom)
Identity Theft Risk: none (no card numbers or merchant funds accessed)
Payment Information Risk: none
contacting impacted customers; coordinating with regulators; public apology by CTO; transparency in disclosure; donation to cybersecurity research centers
internal operation documents; merchant onboarding materials
Sensitivity Of Data: moderate (historical operational and onboarding data)
Importance of proper decommissioning of legacy systems, transparency in incident response, and refusal to fund criminal activity through ransom payments.
ensure thorough decommissioning of legacy systems; invest in cybersecurity research and collaboration with academic institutions; maintain transparency with stakeholders during incidents
ongoing (coordinating with law enforcement and regulators)
notifications to affected merchants
public statement by CTO Mariano Albera; contacting impacted merchants
Entry Point: legacy third-party cloud file storage system
improper decommissioning of legacy cloud storage; oversight in third-party system management; donation to cybersecurity research; enhanced coordination with law enforcement and regulators

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for Checkout.com is 630, which corresponds to a Poor rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 628.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 626.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 623.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 619.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 615.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 611.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 733.

According to Rankiteo, the A.I. Rankiteo Cyber Score for April 2025 was 733.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2025 was 732.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2025 was 731.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2025 was 731.

Over the past 12 months, the average per-incident point impact on Checkout.com’s A.I Rankiteo Cyber Score has been -128.0 points.

You can access Checkout.com’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/checkout.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view Checkout.com’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/checkout.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.