Security & Fraud

Travelex Systems Back Online; Customers Receive Refunds


Foreign exchange company Travelex is back online with some of its electronic services after its system was brought down by hackers nearly two weeks ago, Reuters reported on Monday (Jan. 13).

A cyberattack demanded ransom and blacked out the company’s systems and online services, forcing the foreign exchange giant to manually service thousands of customers.

The ransomware gang Sodinokibi was blamed for demanding $6m (£4.6m) in exchange for customer data. Travelex said the malware was kept in check and customer data was not compromised. 

“Based on Travelex’s extensive internal assessments and the analyses conducted by its expert partners there, is no evidence to suggest that customer data has been compromised,” the company said.

In an email, Travelex — owned by Finablr — said it would “continue to make good progress with our recovery and have already completed a considerable amount in the background. … We are now at the point where we are able to start restoring functionality in our partner and customer service.”

Travelex has a presence in more than 70 countries and had to service customers in person at 1,200 locations worldwide while recovering its systems.

Travelex said it will continue to communicate with partners about restarting services and “provide a roadmap” for authorities. The currency trader said it had restored some of its internal and order processing systems and was providing refunds to customers “where appropriate.”

Officials at the Albany International Airport paid a ransom to cybercriminals after the facility's systems were hit with the Sodiniokibi ransomware strain on Christmas, the Albany Times Union reported. The incident is being investigated by the FBI and the New York State Cyber Command. 

Travelex early this year acknowledged a “software virus” that was the work of Sodinokibi, which also goes by the REvil moniker. The ransomware gang asked for $6 million in exchange for encrypted customer data. The company said in a statement that the data had not been compromised, adding that “we have now contained the virus and are working to restore our systems and resume normal operations as quickly as possible. Travelex’s network of branches continues to provide foreign exchange services manually.”



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.