A Ransomware Attack Just Shut Down a National Payment Processor — Is Your Exhibit Floor Next?

On February 6, payment processing company BridgePay confirmed that a ransomware attack had crippled its systems. Card transactions across thousands of merchants went dead. Restaurants, retailers, and service providers that depended on BridgePay as their sole payment processor had exactly one option: turn customers away or scramble for cash.

Now imagine that scenario on a trade show floor.

You have invested $45,000 in booth space, $30,000 in custom fabrication, $15,000 in travel and staffing, and flown a ten-person team across the country. Your booth sells product on-site — live demos that convert to orders, merchandise that reinforces your brand, subscription sign-ups that capture revenue in the moment. At 10:47 a.m. on Day 1, your payment terminal goes dark. Not because of anything you did. Because a ransomware gang in Eastern Europe decided that your payment processor was the softest target on their list.

The Single Point of Failure Problem

The BridgePay attack exposed a vulnerability that most exhibitors have never considered: their payment infrastructure has zero redundancy. The typical on-floor payment setup involves one processor, one terminal provider, and one merchant account. If any link in that chain breaks — whether from a ransomware attack, a network outage, or a simple software glitch — the entire revenue operation stops.

This is not a theoretical risk. Ransomware attacks on payment processors have increased 67% year-over-year, according to Sophos's 2025 State of Ransomware report. The financial services sector was the second most targeted industry behind healthcare. And the attackers are getting more strategic: they time their strikes for maximum economic damage, hitting during peak transaction periods when victims are most likely to pay the ransom quickly.

A major trade show is exactly that kind of peak transaction period. Three days of concentrated buyer activity, thousands of attendees with open budgets, and exhibitors who cannot simply reschedule their sales window. If you wanted to design the perfect hostage scenario for a ransomware attack, you would build something that looks exactly like a trade show.

"We had a payment outage at a consumer electronics show last year. Not ransomware — just a processor glitch. It lasted four hours. We estimated $180,000 in lost on-floor sales. Four hours. A ransomware attack takes days to resolve, not hours."

— Marcus Webb, CFO, ExhibitPro Group

Building Payment Redundancy for Your Booth

1. Run Two Payment Processors, Always

This is the single most important change exhibitors can make. Set up accounts with two independent payment processors before your next show. If your primary runs through BridgePay, have a backup through Square, Stripe, or Clover. The cost of maintaining a second merchant account is trivial compared to the cost of losing an entire show's revenue. Configure both terminals before you ship to the venue. Test both on-site during setup. Your booth staff should be able to switch from primary to backup in under two minutes.

2. Enable Mobile Payment Fallbacks

Every member of your booth staff should have a mobile payment app configured and tested on their phone. Venmo Business, PayPal, Zelle, Apple Pay — these peer-to-peer and mobile platforms run on completely different infrastructure than traditional card processors. They are not a permanent solution for high-volume sales, but they are the difference between capturing revenue and watching buyers walk to your competitor's booth.

3. Keep Cash in the Booth

It sounds archaic. It is not. Maintain a cash float of at least $500 in small bills for making change. In a payment outage scenario, the exhibitor who can accept cash and process the formal transaction later retains the customer. The exhibitor who shrugs and says "our system is down" loses the sale permanently. Print simple receipt forms as a backup. A handwritten receipt with a customer's email address is a recoverable transaction. A lost customer is not.

4. Negotiate Downtime Guarantees With Your Processor

Your payment processing agreement almost certainly includes an uptime SLA. Read it. Most guarantee 99.9% uptime, which sounds impressive until you realize that 0.1% of a year is 8.7 hours — enough to wipe out an entire day of a three-day show. Push for SLAs that include financial compensation tied to your documented on-floor revenue. If the processor cannot guarantee your transactions during a defined show window, that risk needs to be priced into the agreement.

5. Isolate Payment Devices From Your Booth Network

The BridgePay attack was a direct hit on the processor's infrastructure. But many ransomware attacks enter through connected devices on the same network. Your payment terminal should never be on the same Wi-Fi network as your demo machines, lead capture tablets, or digital signage. Use a dedicated cellular connection for payment processing. A $35/month SIM card in a dedicated mobile hotspot creates an air gap between your payment infrastructure and every other device in your booth.

What Show Organizers Owe Their Exhibitors

Convention centers and show organizers need to step up on payment infrastructure resilience. Currently, most venues offer exhibitors a single recommended payment processing vendor — often one with an exclusive contract that generates revenue sharing for the venue. That model creates exactly the kind of single-point-of-failure concentration that ransomware attackers exploit.

Forward-thinking organizers should be offering exhibitors multiple approved processors, providing dedicated secure payment networks separate from general show floor Wi-Fi, and maintaining incident response plans that specifically address payment infrastructure attacks. The show organizer who can guarantee payment continuity during a cyber event has a genuine competitive advantage in attracting revenue-generating exhibitors.

"After the BridgePay incident, we immediately audited every payment touchpoint across our 23 annual shows. We found that 89% of our exhibitors who process on-floor payments use a single processor with no backup. That is an unacceptable risk profile for our community."

— Jennifer Hartley, SVP Operations, Informa Markets

The Ransomware Problem Is Getting Worse, Not Better

The FBI's Internet Crime Complaint Center reported that ransomware complaints increased 18% in 2025, with total losses exceeding $59 billion globally. Payment processors are particularly attractive targets because the pressure to restore service is immense — every minute of downtime costs their merchants real revenue, which means the processor is more likely to pay the ransom quickly. BridgePay is not the first and will not be the last.

For exhibitors, the lesson is simple: you cannot control whether your payment processor gets attacked. You can control whether that attack shuts down your booth. Redundancy is not a luxury. It is the cost of doing business on a show floor in 2026.