Travelex Slowly Recovering From Ransomware Attack

Uploaded on 2020-01-28 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

The boss of Travelex has finally spoken out about a cyberattack that forced its staff to use pen and paper and halted travel money sales at some banks and supermarkets.

Travelex has restored some of its systems after a New Year’s Eve cyberattack left customers unable to exchange foreign currency online at some of Britain’s biggest banks. Travelex is still declining to say if it has paid a ransom to the criminals responsible.

The travel money provider said it had managed to restore the automated order placement used by several UK high street banks and would relaunch its international money transfer service by the end of January.However, other Systems remain Offline

The firm has released a number of short statements since cyber criminals held the firm to ransom on 31 December.But in a video message on the firm's website, boss Tony D'Souza said the IT system used by in-store staff was working again. Travelex, which is the world’s largest currency dealer, shut down its systems after a cyberattack on New Year’s Eve. It had still managed to process orders in store but was forced to use pen and paper to track them.

Some of Britain’s biggest banks were caught up in the outage, forcing their online customers to find other ways to buy cash for their holidays.

Banks will now be able to do in-store orders for home delivery and for collection in branch. However, Travelex will initially only offer 70 currencies, with more coming online later. The major currencies are understood to have been prioritised. While D’Souza said the system used by staff is now working, there was no word on when the firm's main UK website would be returned to service. He offred some  to reassurance over public concerns that user data may have been put at risk, saying that Travelex has “not uncovered any evidence to suggest that any customer data has left the organisation”.

The company said automated order placement systems used by UK banking partners, which include HSBC, Barclays and Virgin Money, were now live. RBS and Tesco Bank later reported that their respective travel money sites, powered by Travelex, remained offline. That means customers are still unable to order currency online, either from Travelex itself or through the network of banks that use its services, including Barclays, Lloyds, RBS, and the finance websites of Sainsbury's and Tesco.

Travelex has said very little publicly since hackers held its systems to ransom by encrypting its digital files, reportedly demanding somewhere between £3m amd $6m to unlock that data.

Mr D'Souza said it was "not appropriate" to discuss details of the attack, adding that an investigation was ongoing. "To date, there is no evidence that any data has left the organisation," he told the BBC. The hackers, a gang called Sodinokibi, have told the BBC they gained access to the company's computer network six months ago and claim to have downloaded 5GB of sensitive customer data caliming that dates of birth, credit card information and national insurance numbers are all in their possession, they said. 

Travelex said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.

BBC:        Barhhead News:            Sky News:         Graham Cluely:       Realwire:

You Might Also Read:

30% Of Business Leaders Would Pay Ransom:

New Ransomware Formats Double:

« Publishers Spread Fake News
GDPR Data Breach Notifcations & Fines Are Increasing »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

Lirex

Lirex

Lirex offer consulting and outsourcing services, complete design, construction and maintenance of ICT solutions and systems including cybersecurity.

American Cybersecurity Institute

American Cybersecurity Institute

American cybersecurity Institute is a newly formed not-for-profit organization dedicated to education, advocacy, study and analysis in the space of cybersecurity law and policy.

Charities Security Forum (CSF)

Charities Security Forum (CSF)

The Charities Security Forum is the premier membership group for information security people working for charities and not-for-profits in the UK.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Kasm Technologies

Kasm Technologies

Kasm Browser Isolation - Protect your organization from malware, ransomware and phishing by using zero-trust containerized browsers.

Tangible Security

Tangible Security

Tangible employs the most sophisticated cyber security tools and techniques available to protect our clients’ sensitive data, infrastructure and competitive advantage.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

Halborn

Halborn

Elite blockchain cybersecurity. Award-winning ethical blockchain hackers to secure your stack end-to-end. Far beyond smart contracts.

Riskonnect

Riskonnect

Riskonnect technology empowers organizations with the ability to anticipate, manage, and respond in real-time to strategic, operational, and digital risks across the extended enterprise.

Apura Cybersecurity Intelligence

Apura Cybersecurity Intelligence

Apura is a Brazilian company that develops advanced products and provides specialized services in information security and cyber defense.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

ARGOS Cloud Security

ARGOS Cloud Security

ARGOS aims to simplify and strengthen cloud security, by creating a visual map of security vulnerabilities, to your priceless information stored in any cloud provider environment.

Umbrella Cyber

Umbrella Cyber

Umbrella Cyber specialises in Cyber Essentials and Cyber Essentials Plus Certification and penetration testing.