The risks of poor Cyber Security were highlighted by the ransomware attack on Travelex that has continued to disrupt their services.
Many members of the Travelex team started the year with no access to systems and trying to operate with pen and paper. Cyber criminals are demanding a £4.6 million ransom from the foreign currency exchange firm after penetrating its network and encrypting it with malware. Travelex were forced to take their websites offline after a New Year’s Eve cyber-attack, which saw a threat to release customers’ personal data including dates of birth and credit card information.
The criminals behind the attack are known as Sodinokibi, or REvil, and the Travelex breach has disrupted foreign exchange at a number of banks including Barclays, HSBC, First Direct, Sainsbury’s Bank and Virgin Money, among others. They all rely on Travelex to provide their foreign exchange services.
Travelex were apparently warned about insecure VPN servers in September 2019.
2 weeks on, Travelex CEO Tony D’Souza says “We are now at the point where we are able to start restoring functionality in our partner and customer services, and will be giving our partners additional detail on what that will look like during the course of this week”. The Travelex website, which was immediately taken down once the attack was launched two weeks ago, remains offline.Back to News