Travelex Ransom Demand Is Doubled

Uploaded on 2020-01-16 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Services-Financial

Malicious hackers are holding Travelex to ransom and the original demand for payment  of $3m to re-start the copmanies online systems now been doubled to $6m. Two weeks after the enormous Travelex cyber hack banks that use Travelex for their foreign exchange services still cannot sell travel money. The affected banks  include Lloyds, Barclays, and RBS.

The hackers struck on New Year's Eve forcing the London-headquartered firm to take down all its global websites. Travelex has a presence in more than 70 countries, with more than 1,200 branches and 1,000 ATMs worldwide. In a statement, the foreign exchange firm said it is making "good progress" recovering its systems over 15 days after the firrst event.

The firm’s employees are using pen and paper since the hack, but should be able to switch on their computers again soon.
Travelex website, that was taken down immediately after the attack was launched two weeks ago, but is still offline and the firm has not said when it will be operational again.

Banks that depend on its foreign exchange services are still unable to sell travel money online or in store as a result of the attack.

"We continue to make good progress with our recovery and have already completed a considerable amount in the background," said Travelex boss Tony D'Souza. "We are now at the point where we are able to start restoring functionality in our partner and customer services, and will be giving our partners additional detail on what that will look like during the course of this week," adding that "There is no evidence to suggest that customer data has been compromised."

The hackers, thought to be a gang using Sodinokibi, malware also known as REvil, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data.In August last year threat analysts at leading cybersecurity form Cybereason dubbed Sodinokiba 'The Crown Prince of Ransomware. 

The hackers are understood to claim that they have dates of birth, credit card information and national insurance numbers of Travelex customers all in their possession. 

Travelex has started issuing refunds to customers, with its website still down two weeks after being hit by the cyberattack.
Now Travelex has said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.
Travelex’s network of branches around the UK are still operational, and are providing foreign exchange services manually.

Portswigger:        BBC:         iNews:        Yorkshire Evening Post::

You Might Also Read:

Cyber Criminals Demand Ransom From Travelex:

 

 

« Ireland’s Cyber Strategy
Can A 5G Network Really Be Secure? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Council on Foreign Relations (CFR)

Council on Foreign Relations (CFR)

CFR is dedicated to better understanding the world and the foreign policy choices facing the USA and other countries. Cyber security is covered within the CFR topic areas.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Cyber Security Malta

Cyber Security Malta

Cyber Security Malta is part of Malta's National Cyber Security Strategy which aims to combat cybercrime, strengthen national cyber defence and provide cyber security awareness and education.

Celerium

Celerium

Celerium transforms cyber defense for both companies and industry sectors by leveraging cyber threat intelligence to defend against cyber threats and attacks.

Calypso AI

Calypso AI

Calypso AI build software products that solve complex AI risks for national security and highly-regulated industries.

EnigmaSoft

EnigmaSoft

EnigmaSoft is known for its PC anti-malware remediation utility and service under the tradename SpyHunter.

Safetech Innovations

Safetech Innovations

Safetech Innovations is a team of cyber security experts, always at your service. We use human and cyber intelligence to help your business in uncertain times.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

Secure Diversity

Secure Diversity

Secure Diversity is an innovative non-profit organization with leaders that think out of the box to create strategies & solutions to increase diversity in the cybersecurity industry.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

McAfee

McAfee

McAfee is a worldwide leader in online protection. We’re focused on protecting people, not devices. Our solutions adapt to our customers’ needs and empower them to confidently experience life online.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

dWallet Labs

dWallet Labs

dWallet Labs is a cybersecurity company specializing in blockchain technology. We believe that the future of Web3 relies on cutting edge cryptography and unabated security.

Network Coverage

Network Coverage

Network Coverage align, maintain, and integrate technology and cloud solutions with business operations to improve productivity and security with as few issues and disruptions as possible.