Over the past few months, our former payment provider Nexi S.p.A. (“Nexi”) requested access to private data, which we understood to be specifically the usernames and passwords of our supporters. We have refused this request. All our attempts to clarify Nexi’s request, or to understand how their need for such information was necessary and legal, were met with what we consider to be vague and unsatisfactory explanations relating to a general need for risk analysis.
Subsequently, we found ourselves unable to receive credit card donations through Nexi’s system. In the afternoon of 10 March, we were further informed that our contract had been cancelled a few days prior on 7 March, due to our supposed failure to meet their deadline to fulfil their request. This deadline was not communicated to us beforehand, despite us having been Nexi’s customer for the past 15 years.
This is completely crazy! As 450 supporters are affected, that is a huge amount of donations that were cut off!
Almost sounds like they’re being socially engineered by an impostor. Bizarre behaviour.
Nexi also wanted to port scan their systems (“for security”) and was blocked from doing that by their firewalls after a while, which they complained about. As if a secure system would allow that
Nexi sounds hackable and flush with money for a scam audit. I sincerity hope no randsomeware befalls them.