On December 28th, during the holiday period, Egopay suffered a hack that greatly impacted key merchants and partners. False values were made available in the merchants' platform when no actual value was transmitted in Egopay.
This hacker then proceeded to convert this fake value into irreversible currencies, all within a one-hour window. These merchants believed that this value was in their Egopay account, but unfortunately it was not. Upon discovery, Egopay immediately put restrictions in place and moved transactions from being automatically completed to manual review, to contain further damage and impact on our merchants. The Shopping Cart Interface (SCI) was also restricted. The impact amount was between 1M and 1.5M in total for a handful of merchants.
We concluded that this hack must have been perpetrated by someone from within who knew the inner workings and had privileged access, so we took immediate action and suspended everyone that we suspected while this investigation was underway. Unfortunately, this resulted in our support services being delayed or non-existent. Support tickets were not being answered, and our transaction interface was taken down to stop any further exploit. Considering the evidence on hand, Egopay was left with no choice but to take these drastic actions.
An investigation team was called in to help on December 30th, 2014. This is when things began to unravel. The team was repeatedly asking for certain access in order to do their job, but it was not forthcoming. Egopay reached out for help from its payment partners, including Astropay and Payza, as well as a few key merchants, to gauge interest in helping remedy this situation. Egopay was looking for help to discover the truth of the hack, for funding or liquidity, and for consultation on how to resolve this situation.
The hack also exposed a gap in the cash reserves of Egopay. On January 5th, 2015, it was uncovered that the real owner of Egopay (Amir Aziz), who operated behind the scenes, was embezzling money from the company for a period of time. We took immediate action to restrict all his access as well. Between January 5th and 16th, the remaining Egopay employees (Tadas & team) did not know who to trust anymore.
On January 16th, 2015, the investigative team was finally granted full access to the servers and systems. On January 18th, 2015, Amir Aziz social-engineered the hosting provider into resetting his access and granting him access to the servers again, which he in turn used to delete his Egopay account from the system (we would assume to cover his scheme) and to remove all other administrative access.