Travelex Slowly Recovering From Ransomware Attack

Uploaded on 2020-01-28 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

The boss of Travelex has finally spoken out about a cyberattack that forced its staff to use pen and paper and halted travel money sales at some banks and supermarkets.

Travelex has restored some of its systems after a New Year’s Eve cyberattack left customers unable to exchange foreign currency online at some of Britain’s biggest banks. Travelex is still declining to say if it has paid a ransom to the criminals responsible.

The travel money provider said it had managed to restore the automated order placement used by several UK high street banks and would relaunch its international money transfer service by the end of January.However, other Systems remain Offline

The firm has released a number of short statements since cyber criminals held the firm to ransom on 31 December.But in a video message on the firm's website, boss Tony D'Souza said the IT system used by in-store staff was working again. Travelex, which is the world’s largest currency dealer, shut down its systems after a cyberattack on New Year’s Eve. It had still managed to process orders in store but was forced to use pen and paper to track them.

Some of Britain’s biggest banks were caught up in the outage, forcing their online customers to find other ways to buy cash for their holidays.

Banks will now be able to do in-store orders for home delivery and for collection in branch. However, Travelex will initially only offer 70 currencies, with more coming online later. The major currencies are understood to have been prioritised. While D’Souza said the system used by staff is now working, there was no word on when the firm's main UK website would be returned to service. He offred some  to reassurance over public concerns that user data may have been put at risk, saying that Travelex has “not uncovered any evidence to suggest that any customer data has left the organisation”.

The company said automated order placement systems used by UK banking partners, which include HSBC, Barclays and Virgin Money, were now live. RBS and Tesco Bank later reported that their respective travel money sites, powered by Travelex, remained offline. That means customers are still unable to order currency online, either from Travelex itself or through the network of banks that use its services, including Barclays, Lloyds, RBS, and the finance websites of Sainsbury's and Tesco.

Travelex has said very little publicly since hackers held its systems to ransom by encrypting its digital files, reportedly demanding somewhere between £3m amd $6m to unlock that data.

Mr D'Souza said it was "not appropriate" to discuss details of the attack, adding that an investigation was ongoing. "To date, there is no evidence that any data has left the organisation," he told the BBC. The hackers, a gang called Sodinokibi, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data caliming that dates of birth, credit card information and national insurance numbers are all in their possession, they said. 

Travelex said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.

BBC:        Barhhead News:            Sky News:         Graham Cluely:       Realwire:

You Might Also Read:

30% Of Business Leaders Would Pay Ransom:

New Ransomware Formats Double:

« Publishers Spread Fake News
GDPR Data Breach Notifcations & Fines Are Increasing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Securezoo

Securezoo

Securezoo's mission is to simplify and enhance information security by providing trusted security guidance, products, and information to small and mid-sized businesses and security professionals.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Redjack

Redjack

Redjack is a cutting-edge network analytics company focused on enterprise and ISP security and intelligence solutions.

Vysk Communications

Vysk Communications

Vysk is an award-winning mobile security firm that has developed the world’s most secure system for voice communication.

Applied Risk

Applied Risk

Applied Risk is an established leader in Industrial Control Systems security, focused on critical infrastructure security and combating security breaches that pose a significant threat.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

ST Engineering

ST Engineering

ST Engineering is a leading provider of trusted and innovative cybersecurity solutions.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

XioGuard

XioGuard

XioGuard is a managed security service for 360-degree cybersecurity coverage, protecting the entire attack surface, increasing performance, reducing cost, and simplifying operations.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

MindWise

MindWise

MindWise is a comprehensive global threat monitoring solution with implementations for fraud prevention and enterprise threat intelligence.

Avrem Technologies

Avrem Technologies

Avrem Technologies is a business IT and cybersecurity consulting firm. We design, implement, manage and monitor the networks, servers, computers and software that our clients rely on each day.

Unciphered

Unciphered

Unciphered was created as the first company providing services for opening locked hardware cryptocurrency wallets.