Travelex Ransom Demand Is Doubled

Uploaded on 2020-01-16 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Services-Financial

Malicious hackers are holding Travelex to ransom and the original demand for payment  of $3m to re-start the copmanies online systems now been doubled to $6m. Two weeks after the enormous Travelex cyber hack banks that use Travelex for their foreign exchange services still cannot sell travel money. The affected banks  include Lloyds, Barclays, and RBS.

The hackers struck on New Year's Eve forcing the London-headquartered firm to take down all its global websites. Travelex has a presence in more than 70 countries, with more than 1,200 branches and 1,000 ATMs worldwide. In a statement, the foreign exchange firm said it is making "good progress" recovering its systems over 15 days after the firrst event.

The firm’s employees are using pen and paper since the hack, but should be able to switch on their computers again soon.
Travelex website, that was taken down immediately after the attack was launched two weeks ago, but is still offline and the firm has not said when it will be operational again.

Banks that depend on its foreign exchange services are still unable to sell travel money online or in store as a result of the attack.

"We continue to make good progress with our recovery and have already completed a considerable amount in the background," said Travelex boss Tony D'Souza. "We are now at the point where we are able to start restoring functionality in our partner and customer services, and will be giving our partners additional detail on what that will look like during the course of this week," adding that "There is no evidence to suggest that customer data has been compromised."

The hackers, thought to be a gang using Sodinokibi, malware also known as REvil, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data.In August last year threat analysts at leading cybersecurity form Cybereason dubbed Sodinokiba 'The Crown Prince of Ransomware. 

The hackers are understood to claim that they have dates of birth, credit card information and national insurance numbers of Travelex customers all in their possession. 

Travelex has started issuing refunds to customers, with its website still down two weeks after being hit by the cyberattack.
Now Travelex has said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.
Travelex’s network of branches around the UK are still operational, and are providing foreign exchange services manually.

Portswigger:        BBC:         iNews:        Yorkshire Evening Post::

You Might Also Read:

Cyber Criminals Demand Ransom From Travelex:

 

 

« Ireland’s Cyber Strategy
Can A 5G Network Really Be Secure? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Renaissance

Renaissance

Renaissance is Ireland's premier value added distributor of IT security solutions and a leading independent provider of business continuity consultancy.

Optimum Insurance

Optimum Insurance

Optimum's Cyber Risk & Data Protection Insurance policies are designed to protect against cyber exposures that arise when a company’s data and customer information is breached or stolen.

Black Duck Software

Black Duck Software

Black Duck Hub allows organizations to manage open source code security as well as license compliance risks.

TEISS

TEISS

Teiss.co.uk is a website dedicated to providing information about cyber security. TEISS also provide a series of conferences and events focused on cyber security.

Tesorion

Tesorion

Tesorion is a fusion of different enterprises each with its own specialisation in the field of cybersecurity. We have combined these specialisations to create an integrated comprehensive solution.

DFI

DFI

DFI is a global leading provider of high-performance computing technology across multiple embedded industries.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

Phakamo Tech

Phakamo Tech

Phakamo Tech offers a full set of governance, risk, compliance, cybersecurity and Microsoft Cloud services that include consulting, planning, implementation and cyber incident response.

Axitea

Axitea

Axitea designs, implements and develops the solutions best suited to its customers’ needs and their physical and cyber security requirements.

Kordia

Kordia

Kordia is a leading provider of mission-critical technology solutions throughout Australasia. We have the most comprehensive cyber security offering in New Zealand.

Swiss It Security Group

Swiss It Security Group

Swiss It Security Group offers clients complete IT security concepts based on innovative solutions and technology, with a focus on protection, detection and defence.

eCentre@LindenPointe

eCentre@LindenPointe

The eCenter@LindenPointe provides assistance to the development, management and promotion of STEM (Science, Technology, Engineering, Mathematics) related business ventures.

OX Security

OX Security

OX is a DevOps software supply chain security solution. Teams can verify the integrity and security of every artifact using a pipeline bill of materials (PBOM).

Digital.ai

Digital.ai

Digital.ai empowers organizations to scale software development teams, continuously deliver software with greater quality and security.

LevelBlue

LevelBlue

LevelBlue simplify cybersecurity through award-winning managed security services, experienced strategic consulting, threat intelligence and renowned research.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.