Travelex puts money transfer systems online after cyberattack
Travelex has said that its international money transfer service in the UK is fully operational as the firm seeks to recover from a damaging cyberattack.
The attack, which occurred on New Year’s Eve 2019, forced the foreign exchange company to shut down its websites and resulted in the suspension of FX services that several major UK banks.
The firm released a statement last week that its automated order placement systems – used by its retail banking partners – were back online.
Despite this several banks including Tesco Bank, Sainsbury’s Bank, HSBC, and Virgin Money still report their systems as offline at the time of writing.
The group behind the Sodinokibi ransomware used in the attack, also known as REvil, initially demanded a $3 million payment to release what it claimed were the encrypted personal files of Travelex customers, then raised the figure to $6 million.
It claimed to have stolen and encrypted the dates of birth, credit card information and national insurance numbers of thousands of users, in files amounting to 5GB worth of data.
See more: Canadian banks impersonated in two-year phishing campaign
Travelex for its part has refuted claims that customers are at risk.
“Based on Travelex’s extensive internal assessments and the analyses conducted by its expert partners there is no evidence to suggest that customer data has been compromised,” it wrote in a statement.
According to Reuters sources, losses incurred by the firm will be covered by a cyber insurance policy arranged with risk management firm and broker Gallagher.
The main Travelex website remains down.