Billtust is a major player in the US financial services sector that provides a variety of billing and payment processing services for some of the biggest financial institutions in the nation. Then, on October 17th, they suffered a malware attack that brought all of their services to a grinding halt. However, the company did not notify any of their customers about the incident.
Instead, one of their customers, Wittichen Supply Company, noticed issues with Billtrust's services and posted information about the outage on their company's website. That prompted Billtrust to reach out to them and provide additional information.
Wittichen's notice reads, in part, as follows:
"We were notified late yesterday that BillTrust (our third party vendor for customer invoice and online bill payment) was the subject of a Malware attack. BillTrust is working with federal law enforcement and cybersecurity firms to investigate and remediate the attack."
BillTrust went on to assure Wittichen Supply Company that none of its customers' data was compromised and that they were working around the clock to restore services. The announcement finally did prompt the company to provide some additional information, which it made available to its customers.
On October 18th, Billtrust posted the following overview of their services and their operational status:
- Credit (former Credit2B) - up and operational
- eCommerce (Second Phase) - up and operational
- Virtual Card Capture - scheduled to be up and running on Saturday, October 19.
- Cash Application - Over the next 12-24 hours, we intend to bring Cash Application customers to live starting with the processing of lockbox and open balance files.
- Billing & Payments - Billing and Payment websites will be turned on this evening followed by FTP connectivity. Card payment processing resumes this evening and ACH processing resumes on Monday, October 21.
- VueBill - Please contact your account representatives for specific details.
It's good information. The company didn't start providing it until they were forced to do so by one of their own customers. If you use Billtrust, be aware. No further details about the attack have been forthcoming to this point.