Travelex Ransom Demand Is Doubled

Uploaded on 2020-01-16 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Services-Financial

Malicious hackers are holding Travelex to ransom and the original demand for payment  of $3m to re-start the copmanies online systems now been doubled to $6m. Two weeks after the enormous Travelex cyber hack banks that use Travelex for their foreign exchange services still cannot sell travel money. The affected banks  include Lloyds, Barclays, and RBS.

The hackers struck on New Year's Eve forcing the London-headquartered firm to take down all its global websites. Travelex has a presence in more than 70 countries, with more than 1,200 branches and 1,000 ATMs worldwide. In a statement, the foreign exchange firm said it is making "good progress" recovering its systems over 15 days after the firrst event.

The firm’s employees are using pen and paper since the hack, but should be able to switch on their computers again soon.
Travelex website, that was taken down immediately after the attack was launched two weeks ago, but is still offline and the firm has not said when it will be operational again.

Banks that depend on its foreign exchange services are still unable to sell travel money online or in store as a result of the attack.

"We continue to make good progress with our recovery and have already completed a considerable amount in the background," said Travelex boss Tony D'Souza. "We are now at the point where we are able to start restoring functionality in our partner and customer services, and will be giving our partners additional detail on what that will look like during the course of this week," adding that "There is no evidence to suggest that customer data has been compromised."

The hackers, thought to be a gang using Sodinokibi, malware also known as REvil, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data.In August last year threat analysts at leading cybersecurity form Cybereason dubbed Sodinokiba 'The Crown Prince of Ransomware. 

The hackers are understood to claim that they have dates of birth, credit card information and national insurance numbers of Travelex customers all in their possession. 

Travelex has started issuing refunds to customers, with its website still down two weeks after being hit by the cyberattack.
Now Travelex has said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.
Travelex’s network of branches around the UK are still operational, and are providing foreign exchange services manually.

Portswigger:        BBC:         iNews:        Yorkshire Evening Post::

You Might Also Read:

Cyber Criminals Demand Ransom From Travelex:

 

 

« Ireland’s Cyber Strategy
Can A 5G Network Really Be Secure? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Agenci

Agenci

Agenci are specialists in cyber security and information security and deliver ISO 27001 Certification.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Veriato

Veriato

Veriato develops intelligent solutions that provide companies with visibility into the human behaviors and activities occurring within their network, making them more secure and productive.

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions delivers a range of Industrial Automation and Cyber solutions & services to sectors including Oil & Gas, Chemicals & Petrochemicals, Power and others.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

LinkUp

LinkUp

LinkUp is a leading data-driven job search company. Every day we index millions of job openings directly from employer websites.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

Cyemptive Technologies

Cyemptive Technologies

Cyemptive's CyberSlice technology preempts and remove threats before they take hold, in seconds, compared to other’s hours, days, weeks and even months.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

AdvIntel

AdvIntel

AdvIntel is a next-generation threat prevention and loss prevention company launched by a team of certified investigators, reverse engineers, and security experts.

Data Priva

Data Priva

Data Priva is the UK's leading subscription-based data protection, governance, risk and and compliance service.

DigitalWell

DigitalWell

DigitalWell provide fully managed IT and communications solutions for a truly innovative end-to-end experience - for your customers and teams.

Pulsant

Pulsant

Pulsant is the UK’s premier digital edge infrastructure company providing next-generation cloud, colocation and connectivity services.

Secjur

Secjur

Secjur is a provider of AI-based compliance tools that aim to put compliance, data protection, information security and whistleblowing on autopilot.

Bell Canada

Bell Canada

Bell is the leading provider of network and communications services for Canadian businesses and the partner for delivering network, IoT, cloud, voice, collaboration and security solutions.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.