Travelex Forced into Administration After Ransomware Attack

CyberPanther

Level 6
Thread author
Verified
Well-known
Oct 1, 2019
295
Ransomware victim Travelex has been forced into administration, with over 1000 jobs set to go.

PwC announced late last week that it had been appointed join administrators of the currency exchange business.

Despite operating over 1000 ATMs and 1000+ stores globally, and providing services for banks, supermarkets and travel agencies in over 60 countries, the firm was forced to cut over 1300 jobs as part of the restructuring.

“The impact of a cyber-attack in December 2019 and the ongoing COVID-19 pandemic this year has acutely impacted the business,” admitted PwC in a notice announcing the news.

The Sodinokibi (REvil) variant is believed to have struck the firm on New Year’s Eve last year, forcing its website offline and impacting its bricks-and-mortar stores and banking services. It took until January 17 for the firm to get its first customer-facing systems live again in the UK.

Unconfirmed reports at the time suggested that a critical unpatched vulnerability in Pulse Secure VPNs (CVE-2019-11510) may have allowed attackers to remotely execute malicious code. A security researcher said he reached out to the firm in September 2019 to flag the issue but was ignored.

It’s still unclear exactly how much these mistakes ended up costing the firm although reports suggested that the REvil gang was demanding a $6m (£4.6m) ransom in return for the decryption key and deletion of stolen customer data.

Parent company Finablr revealed in March that a combination of the cyber-attack and the hit to business from COVID-19 was predicted to cost the firm £25m in Q1 2020, although it also claimed that cyber-insurance would cover a large part of its outgoings.

PwC remained upbeat about the future of the company, following its £84 million restructuring.

“The completion of this transaction has safeguarded 1802 jobs in the UK and a further 3635 globally, and ensured the continuation of a globally recognized brand,” said joint administrator, Toby Banfield.
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
It's fairly common.

You can be educated but still dumb as a brick.
Shame companies ignore a security researcher warning .

IT guys should be informed and investigate such issues with the research in order to mitigate such attacks as well as using a red team to test their hardening and isolation as well as confirmed all software is updated and signed.
 
  • Like
Reactions: [correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top