Travelex Ransom Demand Is Doubled

Uploaded on 2020-01-16 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Services-Financial

Malicious hackers are holding Travelex to ransom and the original demand for payment  of $3m to re-start the copmanies online systems now been doubled to $6m. Two weeks after the enormous Travelex cyber hack banks that use Travelex for their foreign exchange services still cannot sell travel money. The affected banks  include Lloyds, Barclays, and RBS.

The hackers struck on New Year's Eve forcing the London-headquartered firm to take down all its global websites. Travelex has a presence in more than 70 countries, with more than 1,200 branches and 1,000 ATMs worldwide. In a statement, the foreign exchange firm said it is making "good progress" recovering its systems over 15 days after the firrst event.

The firm’s employees are using pen and paper since the hack, but should be able to switch on their computers again soon.
Travelex website, that was taken down immediately after the attack was launched two weeks ago, but is still offline and the firm has not said when it will be operational again.

Banks that depend on its foreign exchange services are still unable to sell travel money online or in store as a result of the attack.

"We continue to make good progress with our recovery and have already completed a considerable amount in the background," said Travelex boss Tony D'Souza. "We are now at the point where we are able to start restoring functionality in our partner and customer services, and will be giving our partners additional detail on what that will look like during the course of this week," adding that "There is no evidence to suggest that customer data has been compromised."

The hackers, thought to be a gang using Sodinokibi, malware also known as REvil, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data.In August last year threat analysts at leading cybersecurity form Cybereason dubbed Sodinokiba 'The Crown Prince of Ransomware. 

The hackers are understood to claim that they have dates of birth, credit card information and national insurance numbers of Travelex customers all in their possession. 

Travelex has started issuing refunds to customers, with its website still down two weeks after being hit by the cyberattack.
Now Travelex has said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.
Travelex’s network of branches around the UK are still operational, and are providing foreign exchange services manually.

Portswigger:        BBC:         iNews:        Yorkshire Evening Post::

You Might Also Read:

Cyber Criminals Demand Ransom From Travelex:

 

 

« Ireland’s Cyber Strategy
Can A 5G Network Really Be Secure? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Thycotic

Thycotic

Thycotic prevents cyber attacks by securing passwords, protecting endpoints and controlling application access.

Zurich

Zurich

Zurich is a leading multi-line insurer providing a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories.

PartnerRe

PartnerRe

PartnerRe Ltd. provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Trustless Computing Association (TCA)

Trustless Computing Association (TCA)

TCA is is a non-profit organization promoting the creation and wide availability of IT and AI technologies that are radically more secure and accountable than today’s state of the art.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

Sergeant Laboratories

Sergeant Laboratories

Sergeant Laboratories builds advanced technologies to prove compliance in complex IT security and regulatory compliance situations.

Alea Consulting

Alea Consulting

Alea Consulting is a global risk mitigation and investigative consulting firm, which helps organizations reduce reputation and operational concerns.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

AVANT Communications

AVANT Communications

AVANT is a premier distributor of next generation technologies with the resources and relationships needed to successfully navigate the ever-changing world of communications and IT infrastructure.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.

CyberNut

CyberNut

CyberNut are a security awareness training solution built exclusively for schools.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.