Cyber Incident Victim: Datawire
Date: Aug 2018
Location: United States of America
Summary
Between late July and August 3, 2018, a series of BGP hijacks redirected DNS query traffic for payment-processing domains, including infrastructure associated with Datawire, through transit networks in Russia and Nigeria. Oracle's Internet Intelligence team detected the routing anomalies; plaintext traffic in the affected windows was exposed to interception, while HTTPS-protected transactions were not fully readable by the hijackers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around August 3, 2018, a series of Border Gateway Protocol (BGP) hijacks targeted financial payment systems, including entities associated with Datawire, a payment processing network. The attackers announced bogus BGP routes for the address space of the DNS servers serving payment-related domains, so that queries for those domains were forwarded through malicious intermediary systems before reaching their real destination. This let the hijackers intercept any unencrypted traffic bound for legitimate payment services. The incidents occurred in multiple phases, with the first observed hijacks in late July 2018 and recurrences through early August. Oracle's Internet Intelligence team detected anomalous routing in which traffic for payment networks was diverted through Russian and Nigerian autonomous systems (ASes) before reaching the legitimate networks. Specific targets included infrastructure supporting Visa, Mastercard, and Datawire payment processing systems. Payment transactions carried over HTTPS remained protected from full interception, provided the clients validated server certificates rather than falling back to plaintext.

Each hijack typically lasted between two and ten minutes, but payment authorization services were significantly disrupted during those windows. Oracle's analysis confirmed at least six distinct hijacking events against financial networks between July 27 and August 3, with the August 3 event being the most sophisticated. No direct financial losses were publicly attributed to the incidents, but the redirection exposed metadata about payment traffic patterns and potentially compromised any transactional data sent without encryption. Network operators responded by tightening BGP route origin validation with Resource Public Key Infrastructure (RPKI) filters, which drop announcements whose origin AS or prefix length is not authorized by a published Route Origin Authorization (ROA); note that origin validation alone does not catch a hijack that forges the legitimate origin AS at the end of the AS path, which is why operators also monitor for unexpected upstream ASes and more-specific prefixes. Affected payment providers accelerated existing plans to enforce HTTPS on all transaction endpoints. Oracle's threat intelligence team published detailed routing telemetry that enabled broader industry detection of similar hijacking patterns against financial infrastructure throughout Q3 2018.
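The two detection checks described above, RPKI origin validation and route monitoring for a prefix you own, as an added worked example that is not Oracle's tooling or code from this record. The ROAs, announcements, prefixes (RFC 5737 documentation ranges) and ASNs (private range 64496 to 64511) are all constructed for the example; the "more-specific prefix with a foreign origin" and "legitimate origin behind an unknown upstream" cases mirror the two hijack shapes the description mentions.

```python
"""Toy BGP hijack triage: RPKI origin validation (RFC 6811 semantics) plus
a simple route-monitoring rule for a prefix the operator owns.

All data below is constructed for illustration; nothing here is real routing
telemetry. Requires Python 3.7+ (ipaddress.IPv4Network.subnet_of).
"""
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class ROA:
    prefix: str        # authorized prefix, e.g. "192.0.2.0/24"
    max_length: int    # longest prefix length the origin may announce
    origin_asn: int    # AS authorized to originate the prefix


@dataclass(frozen=True)
class Announcement:
    prefix: str
    as_path: tuple     # left-most = neighbor we heard it from, right-most = origin


def covers(outer, inner):
    """True if `outer` contains `inner` (same address family only)."""
    return outer.version == inner.version and inner.subnet_of(outer)


def validate_origin(ann, roas):
    """Return 'valid', 'invalid' or 'not-found' for an announcement.

    valid     : some covering ROA authorizes this origin at this prefix length
    invalid   : covering ROAs exist but none authorize origin+length (hijack shape)
    not-found : no ROA covers the prefix, so RPKI says nothing about it
    """
    net = ip_network(ann.prefix)
    origin = ann.as_path[-1]
    covering = [r for r in roas if covers(ip_network(r.prefix), net)]
    if not covering:
        return "not-found"
    for r in covering:
        if r.origin_asn == origin and net.prefixlen <= r.max_length:
            return "valid"
    return "invalid"


def triage(announcements, roas, monitored):
    """Flag announcements that are RPKI-invalid or that deviate from what the
    operator expects for a monitored prefix (origin, direct upstream, length).

    `monitored` maps a prefix string to {"origin": asn, "upstreams": {asn, ...}}.
    Returns a list of (prefix, as_path, reasons) for alerting announcements.
    """
    alerts = []
    for ann in announcements:
        reasons = []
        if validate_origin(ann, roas) == "invalid":
            reasons.append("rpki-invalid")
        net = ip_network(ann.prefix)
        for mon_prefix, expect in monitored.items():
            mon_net = ip_network(mon_prefix)
            if not covers(mon_net, net):
                continue
            origin = ann.as_path[-1]
            if origin != expect["origin"]:
                reasons.append("origin-mismatch")
            # Origin is ours, but the AS adjacent to it is not one of our transits:
            # this is the "legit origin, traffic diverted through a foreign AS" shape,
            # which RPKI origin validation alone does not catch.
            elif len(ann.as_path) >= 2 and ann.as_path[-2] not in expect["upstreams"]:
                reasons.append("unexpected-upstream")
            if net.prefixlen > mon_net.prefixlen:
                reasons.append("more-specific")
        if reasons:
            alerts.append((ann.prefix, ann.as_path, tuple(reasons)))
    return alerts


# Constructed ROAs: AS64500 may announce 192.0.2.0/24 (no more-specifics),
# AS64501 may announce 198.51.100.0/22 down to /24.
ROAS = [ROA("192.0.2.0/24", 24, 64500), ROA("198.51.100.0/22", 24, 64501)]

# Constructed expectation for the prefix we operate: origin AS64500 via transit AS64497.
MONITORED = {"192.0.2.0/24": {"origin": 64500, "upstreams": {64497}}}

# Constructed feed of announcements as seen from a collector peered with AS64496.
ANNOUNCEMENTS = [
    Announcement("192.0.2.0/24", (64496, 64497, 64500)),     # normal route
    Announcement("192.0.2.0/25", (64496, 64498, 64499)),     # more-specific, foreign origin
    Announcement("198.51.100.0/24", (64496, 64497, 64501)),  # valid under maxLength 24
    Announcement("203.0.113.0/24", (64496, 64497, 64502)),   # no ROA at all
    Announcement("192.0.2.0/24", (64496, 64499, 64500)),     # our origin, unknown upstream
]

if __name__ == "__main__":
    for prefix, path, reasons in triage(ANNOUNCEMENTS, ROAS, MONITORED):
        print(prefix, "via", " ".join(map(str, path)), "->", ", ".join(reasons))
```

Two alerts come out of the constructed feed: the /25 with a foreign origin (flagged as RPKI-invalid, origin mismatch and more-specific) and the /24 that carries the right origin behind an unknown upstream, which only the monitoring rule catches. In production the feed would be live BGP updates from collectors rather than a list, and the ROA set would come from a validator cache, but the decision logic is the same.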
