Nayax Shares Plunge Amid Ransom Threat Following Cloud Account Security Breach
Nayax, a fintech company specializing in payment and vending machine solutions and listed on both the Tel Aviv Stock Exchange and NASDAQ, reported a security incident involving unusual activity detected in a cloud account of one of its subsidiaries. The company immediately blocked the compromised account upon discovery. Despite the breach, Nayax emphasized that its core systems, including sensitive payment processing and operational infrastructure, were not affected, and business operations continue as normal.
The incident triggered a sharp drop in Nayax's stock price, falling 8.3% on NASDAQ to close at $66.02 and declining further on the Tel Aviv Stock Exchange. The company did not specify when the suspicious activity began or how long attackers had access before the account was blocked. The breach coincides with a ransom threat circulating online, where cybercriminals have demanded payment under the threat of releasing data allegedly extracted from the cloud account on July 21.
Nayax cautioned that cybercriminals often exaggerate or fabricate threats to intimidate victims and that no core system breaches have been confirmed. The extent of the data involved is still under investigation, with Nayax cooperating with law enforcement authorities in Israel and the United States. The company currently believes no significant data exposure has occurred.
Financially, Nayax reported strong growth, ending 2025 with $400 million in revenue, a 24% increase, and a net profit of $35.5 million compared to a loss in 2024. It projects revenues between $510 million and $520 million for the current year. Recently, Nayax implemented a cost-cutting measure, reducing its workforce by about 3%, including 20 employees in Israel out of approximately 1,200 total staff.
In its official statement, Nayax reiterated that the investigation is ongoing and pledged to update stakeholders on any material developments. The company confirmed that its production environment and core systems remain fully operational, ensuring uninterrupted business continuity.