upnorth

Level 42
Verified
Trusted
Content Creator
Malware Hunter
Travelex has been forced to take down its website after a cyber attack.

The foreign-currency seller has been working on the issue since the software virus attack on New Year's Eve. "We regret having to suspend some of our services in order to contain the virus and protect data," Travelex boss Tony D'Souza said. The company has resorted to carrying out transactions manually, providing foreign-exchange services over the counter in its branches.
Travelex said it had deployed "teams of IT specialists and external cyber-security experts", who have been "working continuously since New Year's Eve to isolate the virus and restore affected systems". The firm will continue to provide foreign-exchange services manually at its branches until the problem is fixed. The decision to take the site down has affected other services that use Travelex, including Tesco Bank.
Update!
On Thursday evening, Travelex said it had taken down its site to contain "the virus and protect data". That has affected Sainsbury's Bank, Barclays and HSBC, among others, which all use the Travelex platform. There is no indication when the Travelex website will be restored. The company said it has been working on the issue since the software virus attack on New Year's Eve.

:rolleyes:
 

upnorth

Level 42
Verified
Trusted
Content Creator
Malware Hunter
A ransomware gang called Sodinokibi has told the BBC it is behind the hack and wants Travelex to pay $6m (£4.6m). The gang, also known as REvil, claims to have gained access to the company's computer network six months ago and to have downloaded 5GB of sensitive customer data.
 

upnorth

Level 42
Verified
Trusted
Content Creator
Malware Hunter
Notably D’Souza attempts to reassure public concerns that their data may have been put at risk, but stating that Travelex has “not uncovered any evidence to suggest that any customer data has left the organisation”.

Of course, an absence of evidence is not evidence of absence. Data is different from the Mona Lisa. If someone steals the Mona Lisa, you notice the gap in the wall of The Louvre. It’s not as simple as that with data.
If you have a secure backup, and if you have the systems in place to restore that backup in a safe, prompt fashion, then you shouldn’t need to ever consider paying the criminals behind a ransomware attack.
Btw, their service/site is still down. :sleep:
 
Top