
Nayax shares slide after fintech company reveals cloud security breach
The Israeli payments company said its core systems and payment infrastructure were unaffected, but attackers have threatened to publish allegedly stolen data.
Fintech company Nayax, which develops payment and processing solutions and is traded on the Tel Aviv Stock Exchange and Nasdaq, reported a security incident on Wednesday to the U.S. Securities and Exchange Commission (SEC).
The incident involved the detection of anomalous activity in a cloud account belonging to one of the group's subsidiaries. The company's stock plunged on the Tel Aviv Stock Exchange after falling on Nasdaq on Tuesday.
According to the company's report, the account in question was immediately blocked upon detection of the incident. Nayax emphasizes and clarifies that the company's production environment and core systems, including sensitive payment processing systems and ongoing operational activities, were unaffected by the incident, and the group's business operations are continuing as usual. The company did not specify in the report exactly when the anomalous activity in the cloud account began or how long the attackers remained in the account prior to it being blocked.
Amid the company's reports, a targeted extortion threat has surfaced online over the past day. As reported yesterday by analyst and investment manager Lior Wieder, the rumors originated on a website that publishes threats stemming from cybercriminal forums on the dark web. The attackers issued an ultimatum threatening to release data exfiltrated from the cloud account on July 21. In this context, the company clarifies that cybercriminals often make exaggerated or misleading claims for the purpose of extortion and intimidation, employing threatening language even when no actual breach of core systems has occurred.
At this stage, the scope of the data involved in the incident is still being assessed and determined, and the company has stated that it is cooperating with law enforcement authorities in Israel and the United States. The company’s notice to the stock exchange indicates that, at present, it does not believe there has been a disclosure of material information.
Nayax concluded 2025 with revenues of $400 million (reflecting a 24% growth rate) and a shift to a net profit of $35.5 million (compared to a loss in 2024). For the coming year, the company projects revenues exceeding the half-billion-dollar mark for the first time, reaching $510-$520 million. Just recently, the company reported an efficiency drive involving the layoff of approximately 3% of its workforce (32 employees, 20 of whom were based in Israel) out of a total of about 1,200 employees.
Nayax stated in response: "As part of the company's monitoring activities, anomalous activity was detected in a cloud computing account associated with one of Nayax's subsidiaries, specifically within a cloud computing account, and was immediately halted. The company is working with leading cybersecurity experts and law enforcement authorities in Israel and the U.S. to investigate the incident."
"The investigation is ongoing, and the scope of data potentially involved is still being assessed. At this stage, the company does not believe there has been any exposure of material information. The company's production environment and core systems were unaffected by the incident and continue to operate fully. Business operations are proceeding as usual, with no disruption to operational or business continuity. The company will update its customers, the investing public, partners, and other relevant parties regarding any material developments in the investigation, as necessary."














