A foreign exchange company, Travelex, suffered a hacking attack on New Year’s Eve and is currently being held for ransom.
According to recent reports, the last day of 2019 brought quite a bit of bad news for a foreign exchange company known as Travelex. The firm saw an unexpected hacking attack on New Year’s Eve, which forced it to take down its website in 30 different countries in order to protect data.
Travelex given deadline for ransom by hackers who hold systems and customer data https://t.co/c6kDgODhcL
— BBC News (World) (@BBCWorld) January 7, 2020
Attacked by Ransomware Group
The company’s systems were attacked by a ransomware group known as Sodinokibi, which took responsibility. Furthermore, hackers demand that Travelex pays $6 million in order for them to withdraw.
The group is also known under the name of REvil, and it claims that it had access to Travelex’s computer network for about six months. During that time, the hackers supposedly managed to steal around 5GB of sensitive customer information, including credit card data, dates of birth, insurance numbers, and more.
Now, hackers demand that Travelex pays up, in which case they would delete the data in their possession and restore the company’s network. If the company doesn’t pay, however, they plan to sell the entire database.
Travelex Public Response Is ‘Shockingly Bad’
Meanwhile, according to the Information Commissioner’s Office (ICO), it seems that Travelex did not report the data breach, which it had an obligation to do within 72 hours from the moment it discovered it. Alternatively, it could risk a fine consisting of 4% of its own global turnover.
After the breach became known, the Metropolitan Police took the lead, and it is currently investigating the incident. However, Travelex also said that it deployed teams of external cyber-security experts and IT professionals to help.
So far, the experts were able to confirm that the attacks do seem like the work of REvil. While the investigation continues, Travelex websites remain offline across Asia, Europe, and the US. Visitors to the website are notified of this when they try to enter the site, which claims to be down for ‘planned maintenance.’
So far, customers were not notified about the attack via email, although their questions are replied to by the company via social media. Many have criticized the company for extremely bad public response, including security researcher Kevin Beaumont. Others are still urging the firm to communicate with its clients, although it seems that at least its partners are aware of the situation.
Images are courtesy of Twitter, Shutterstock, Pixabay.