Travelex crippled since New Year’s Eve by ransomware attack

Register now

Travelex Holdings Ltd., the London-based foreign exchange company, is being held ransom by hackers, forcing the firm to suspend services across 30 countries, according to the BBC.

A ransomware gang called Sodinokibi has told the news site that it is responsible for the hack and is demanding Travelex pay $6 million (4.6 million pounds).

The group, also known as REvil, claims to have gained access to the company’s computer network six months ago and to have downloaded 5GB of sensitive customer data, according to the BBC. They claim to have dates of birth, credit card information and social security numbers in their possession.

Travelex confirmed the discovery of a software virus on Jan. 2, and said in a statement on its website that IT specialists and cybersecurity experts are working to isolate the virus.

“Our investigation to date shows no indication that any personal or customer data has been compromised,” according to the statement. Travelex couldn’t immediately be reached for comment Tuesday.

Meanwhile, Travelex’s network of branches is continuing to provide foreign exchange services manually.

The U.K. Metropolitan Police is investigating the attack, the BBC reported. “Inquiries into the circumstances are ongoing,” according to a statement from the Metropolitan Police reported by the BBC.

The Metropolitan Police’s cyber unit didn’t respond to a message seeking comment from Bloomberg.

Ransomware attacks have become a major source of concern for companies and infrastructure in the U.K., the U.S. and elsewhere. Companies, like Norsk Hydro ASA in Norway, have lost millions after being halted for sometimes weeks to restore operations.

Bloomberg News
Ransomware Cyber security