Travelex Slowly Recovering From Ransomware Attack
The boss of Travelex has finally spoken out about a cyberattack that forced its staff to use pen and paper and halted travel money sales at some banks and supermarkets.
Travelex has restored some of its systems after a New Year’s Eve cyberattack left customers unable to exchange foreign currency online at some of Britain’s biggest banks. Travelex is still declining to say if it has paid a ransom to the criminals responsible.
The travel money provider said it had managed to restore the automated order placement used by several UK high street banks and would relaunch its international money transfer service by the end of January.However, other Systems remain Offline
The firm has released a number of short statements since cyber criminals held the firm to ransom on 31 December.But in a video message on the firm's website, boss Tony D'Souza said the IT system used by in-store staff was working again. Travelex, which is the world’s largest currency dealer, shut down its systems after a cyberattack on New Year’s Eve. It had still managed to process orders in store but was forced to use pen and paper to track them.
Some of Britain’s biggest banks were caught up in the outage, forcing their online customers to find other ways to buy cash for their holidays.
Banks will now be able to do in-store orders for home delivery and for collection in branch. However, Travelex will initially only offer 70 currencies, with more coming online later. The major currencies are understood to have been prioritised. While D’Souza said the system used by staff is now working, there was no word on when the firm's main UK website would be returned to service. He offred some to reassurance over public concerns that user data may have been put at risk, saying that Travelex has “not uncovered any evidence to suggest that any customer data has left the organisation”.
The company said automated order placement systems used by UK banking partners, which include HSBC, Barclays and Virgin Money, were now live. RBS and Tesco Bank later reported that their respective travel money sites, powered by Travelex, remained offline. That means customers are still unable to order currency online, either from Travelex itself or through the network of banks that use its services, including Barclays, Lloyds, RBS, and the finance websites of Sainsbury's and Tesco.
Travelex has said very little publicly since hackers held its systems to ransom by encrypting its digital files, reportedly demanding somewhere between £3m amd $6m to unlock that data.
Mr D'Souza said it was "not appropriate" to discuss details of the attack, adding that an investigation was ongoing. "To date, there is no evidence that any data has left the organisation," he told the BBC. The hackers, a gang called Sodinokibi, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data caliming that dates of birth, credit card information and national insurance numbers are all in their possession, they said.
Travelex said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.
BBC: Barhhead News: Sky News: Graham Cluely: Realwire:
You Might Also Read: