Security & Fraud

Travelex Systems Back Online; Customers Receive Refunds

Travelex

Foreign exchange company Travelex is back online with some of its electronic services after its system was brought down by hackers nearly two weeks ago, Reuters reported on Monday (Jan. 13).

A cyberattack demanded ransom and blacked out the company’s systems and online services, forcing the foreign exchange giant to manually service thousands of customers.

The ransomware gang Sodinokibi was blamed for demanding $6m (£4.6m) in exchange for customer data. Travelex said the malware was kept in check and customer data was not compromised. 

“Based on Travelex’s extensive internal assessments and the analyses conducted by its expert partners there, is no evidence to suggest that customer data has been compromised,” the company said.

In an email, Travelex — owned by Finablr — said it would “continue to make good progress with our recovery and have already completed a considerable amount in the background. … We are now at the point where we are able to start restoring functionality in our partner and customer service.”

Travelex has a presence in more than 70 countries and had to service customers in person at 1,200 locations worldwide while recovering its systems.

Travelex said it will continue to communicate with partners about restarting services and “provide a roadmap” for authorities. The currency trader said it had restored some of its internal and order processing systems and was providing refunds to customers “where appropriate.”

Officials at the Albany International Airport paid a ransom to cybercriminals after the facility’s systems were hit with the Sodiniokibi ransomware strain on Christmas, the Albany Times Union reported. The incident is being investigated by the FBI and the New York State Cyber Command. 

Travelex early this year acknowledged a “software virus” that was the work of Sodinokibi, which also goes by the REvil moniker. The ransomware gang asked for $6 million in exchange for encrypted customer data. The company said in a statement that the data had not been compromised, adding that “we have now contained the virus and are working to restore our systems and resume normal operations as quickly as possible. Travelex’s network of branches continues to provide foreign exchange services manually.”

——————————

PYMNTS LIVE ROUNDTABLE: TUESDAY, JULY 14, 2020 AT 12:00 PM (ET)

Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

TRENDING RIGHT NOW