Cyber Incident Victim: Edenred
Date:
Nov 2019
Location:
France
Summary
A payment solutions provider experienced a malware incident impacting an unspecified number of computing systems, prompting an immediate response with countermeasures aligned with established cybersecurity protocols. The company, operating across 46 countries and serving millions of users and businesses, initiated an investigation to assess the infection's scope while notifying relevant regulators. Concurrently, customers reported service disruptions affecting online portals, which the organization acknowledged and addressed through operational teams working to restore normal functionality. The malware strain involved remained undisclosed despite external inquiries, with no confirmation of a direct link between the technical issues and the security breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 21, 2019, Edenred, a global payment solutions provider operating in 46 countries, publicly disclosed a malware incident affecting an undisclosed number of its computing systems. The company detected unauthorized malware activity on its network and immediately activated established cybersecurity protocols to contain the infection. Edenred initiated an investigation to determine the scope of the compromise across its intermediation platform, which served 50 million employees, 2 million merchants, and 830,000 corporate clients. The Paris-based firm emphasized its commitment to protecting operational integrity and customer information, though it did not specify whether any data was exfiltrated during the incident. Security countermeasures were deployed to prevent further spread of the malware within corporate systems. Edenred began notifying relevant government regulators about the breach, consistent with regulatory compliance requirements for a company that processed €30 billion in transaction volume during 2018 through cards, mobile apps, and online platforms.
Concurrently, Edenred Mexico customers reported service disruptions via Twitter on November 21, complaining of intermittent accessibility issues with online portals. The company acknowledged these technical problems publicly, stating teams were working to restore normal operations, though it did not explicitly link the outages to the malware incident. Edenred's communications team declined to provide technical details about the malware strain involved when contacted by media outlets, maintaining their initial press statement as the sole official commentary. The incident occurred against the backdrop of Edenred's substantial transaction processing footprint, which included managing 2.5 billion specialized payment transactions annually. No quantitative impact assessment regarding financial losses or compromised records was disclosed in the immediate aftermath of the detection. Customer service channels remained operational to address access concerns while internal security teams focused on containment and remediation efforts.