Travelex Checking Employees’ Computers For Signs Of Ransomware

Travelex Checking Computers For Ransomware

Some employees of Travelex, a company that was recently hit with a ransomware attack, were forced to hand over their laptops to technicians to see if their machines were infected and whether they can be fixed, according to a report by the Financial Times.

The IT department at the company is going through laptops and other electronics to urgently treat the hardware. The attack was discovered on New Year’s Eve. Hackers threatened to publish sensitive personal data on customers, like credit card numbers, if they’re not paid $6 million. The police are also investigating.

Some of the biggest banks in the U.K., including the Royal Bank of Scotland, HSBC and Barclays, are also impacted, because they use Travelex as their exchange provider.

Travelex said they are urgently trying to “contain and limit” the cyberattack, and are communicating through WhatsApp messages to circumvent the company’s email system.

During the attack, many workers weren’t able to log into the company payroll system, and they were forced to use pen and paper to record overtime hours. Travelex also had to use manual processes to serve customers when the system went down, but said that all employees will be paid on time on Jan. 28.

Barclays said they were “unable to process foreign currency orders due to an issue with our service provider, Travelex,” and that they were working to resume services as soon as possible.

Other companies on Travelex’s periphery were also affected.

Samsung recently inked a deal with Finablr, Travelex’s parent company, on a cross-border payment wallet, but said it had “decided to disable the international payment service at this time.” Samsung said there was no evidence of Samsung Pay users being affected.

Travelex said the hack was the result of a ransomware virus called Sodinokibi, or “REvil.”