On Thursday the 2nd January the Travelex sites went down after the foreign currency service discovered it had been hit by a software virus. The company said it had immediately taken all of its systems offline “as a precautionary measure in order to protect data and prevent the spread of the virus” after learning of the attack.
Now it has been revealed that cyber criminals are holding Travelex to ransom. The hackers are demanding a $3 million (£2.3 million) ransom to give the firm access to its systems. They have demanded payment in exchange for either restoration of IT systems or the preservation of customer data. It is understood that a deadline for payment has been set by the cyber-criminals.
The Metropolitan Police is leading the investigation into the attack. In a statement, the force said: “On Thursday
, 2 January, the Met’s Cyber Crime Team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Enquiries into the circumstances are ongoing.”
The early results of its investigation show no signs that personal or customer data have been compromised. Travelex has deployed IT specialists and external cyber security experts to help restore affected systems and “isolate the virus.” “We regret having to suspend some of our services in order to contain the virus and protect data. We apologise to all our customers for any inconvenience caused as a result. We are doing all we can to restore our full services as soon as possible,” said Tony D’Souza, chief executive of Travelex.
The recovery operation is being coordinated from a Travelex office in the UK and the company insists that no customer data has been leaked, but would not say what data could potentially be at risk.
Users navigating to Travelex’s online exchange services were instead greeted with a message that read: “Our online, foreign currency purchasing service is temporarily unavailable due to planned maintenance. The system will be back online shortly.”
Branches are manually handling exchange services while online systems are down, the group said. “We are aware of this incident and working closely with the affected organisation to understand its impact,” a spokesperson for the National Cyber Security Centre said.
The post Travelex being held to $3 million ransom by cyber criminals appeared first on Payments Cards & Mobile.