Travelex services offline following massive cyber attack
Following a New Year’s Eve cyber-attack, the foreign currency exchange firm Travelex has been forced to take all of its services offline.
To prevent further spread of the virus through its systems, a decision was taken was taken to take all systems offline – forcing the London headquartered retail currency dealer to provide services manually in its branches.
“Our investigation to date shows no indication that any personal or customer data has been compromised,” Travelex said in a statement.
Hackers held Travelex to ransom, demanding the firm pay $6m (£4.6m) before they unlock its systems.
That has affected banks like Barclays, Lloyds and RBS, which use Travelex to provide their travel money services.
The hackers, a gang called Sodinokibi, are believed to have gained access to the company’s computer network six months ago and claim to have downloaded 5GB of sensitive customer data.
Dates of birth, credit card information and national insurance numbers are all in their possession, they said.
Travelex said it is working closely with the Metropolitan Police, which is leading the investigation into the attack.
Travelex is the world’s largest retail currency dealer, and has a presence in more than 70 countries and more than 1,200 branches and 1,000 ATMs worldwide. It processes more than 5,000 currency transactions every hour.
The company says it is working with industry-leading cyber recovery specialists to fix the problem, working since New Year’s Eve to isolate the virus.
Tony D’Souza, chief executive of Travelex, said: “We regret having to suspend some of our services in order to contain the virus and protect data.
“We apologise to all our customers for any inconvenience caused as a result.
With many travellers abroad for the Christmas holiday, the attacks comes at a difficult time for both Travelex and its customers.
This is not the first time that Travelex has been in the news for Cyber Security or IT.
The bank had also faced a serious cyber-attack the year before in which money was stolen from around 20,000 accounts.
Travelex was at the centre of an IT crisis nearly two years ago, when it mistakenly leaked data on thousands of customers of partner Tesco Bank.
The currency firm is not the only company to fall victim to ransomware. In the last year the trend has been that well-organised and well-funded criminal hacking groups have targeted high-value companies and public bodies.
Earlier this week a US maritime base was forced offline for more than 30 hours.And in 2016 it emerged that British banks were constantly under cyber-attack but often fail to report the incidents to authorities over concerns that they could be punished.