Services provided by foreign exchange company Travelex continue to remain unavailable, two weeks after the firm incurred a large-scale cyberattack.
Customers across Europe, Asia and the US are still unable to gain online access to their accounts. The outage also extends to banks using Travelex to provide travel money services, including RBS, Lloyds, Tesco Bank and Barclays.
The attack, which caused Travelex to suspend its website in 30 countries, was discovered on New Year’s Eve.
- Travelex website was hit by Sodinokibi ransomware
- Best free anti-ransomware software tools of 2020
- WannaCry was the most common crypto ransomware attack last year
High stakes
Ransomware group REvil has taken credit for the attack, demanding Travelex pay £4.6m ($6m) before it releases its hold on the company’s systems. The group is threatening to expose a wealth of Travelex customer data, including payment card information.
Travelex claims the attack has been contained, and that no personally identifiable information (PII) has yet been compromised. However, REvil has told the BBC it gained access to the company’s network six months ago and has collected 5GB of sensitive customer data.
Tony D’Souza, Travelex CEO, has released a statement in an attempt to allay fears about continued downtime.
“We continue to make good progress with our recovery and have already completed a considerable amount in the background,” he said. “We are now at the point where we are able to start restoring functionality in our partner and customer services.”
Travelex has declined to predict when its services will come back online. In the interim, staff have reportedly taken to using pen and paper to perform tasks.
- Keep yourself protected online with the best anti-virus software for 2020
Via BBC
