Travelex Service Slowly Resumes

On New Year’s Eve, Travelex was hit by a ransomware attack, which saw its services disrupted causing a ripple effect which impacted customers and the foreign exchange arm of the banking sector.

The cyber attack compromised the organisations systems, which resulted in them taking them offline as a precaution.

Two weeks on, Travelex have now started to recover from the attack and is switching its systems back on.

However, as of yesterday (14th January 2020), its global websites including those aimed at UK and US customers were still offline. Other organisations which also use the Travelex system such as, the Royal Bank of Scotland, Barclays, Tesco Bank and Asda were also still offline.

Whilst the recovery process has been ongoing, it has emerged that the ransomware gang responsible for the attack, Sodinokibi had demanded £4.6m otherwise they would release customer’s personal data – including dates of birth and payment card information ready for others to use. However, the company deny that any customer information has been breached.

Travelex said it had contained the virus and that its investigations showed that no customer data has been breached to date. It is in communication with the UK’s National Cyber Security Centre (NCSC) – which is part of GCHQ – and the Metropolitan police.

Tony D’Souza, Chief Executive of Travelex, said:

“We continue to make good progress with our recovery and have already completed a considerable amount in the background.”

He said the firm was now in a position to start restoring functionality at its partner and customer services, and that it would provide more information in the coming days.

Tony D’Souza added:

“We are confident, based on our efforts to date, that we will be able to restore our services and ensure the integrity and robustness of the network.”

The firm said it would start restoring customer-facing systems, beginning with those that allowed it to process orders electronically with banking partners and in its own stores.