Travelex restoring some electronic services after cyber attack
Staff at Travelex were forced to use pen and paper to serve thousands of customers after ransomware forced the company to take all its systems offline, causing chaos for New Year holidaymakers and business travelers seeking online currency services.
“We continue to make good progress with our recovery and have already completed a considerable amount in the background,” Travelex, owned by Finablr Plc, said in an email.
“We are now at the point where we are able to start restoring functionality in our partner and customer service.”
The currency trader said it had restored some of its internal and order processing systems and was providing refunds to customers “where appropriate”.
Travelex also provides forex services for customers of HSBC, Barclays, Virgin Money and the banking arms of British retailers Tesco and Sainsbury.
The company, which has a presence in more than 70 countries, had been forced to serve customers face-to-face at 1,200 locations worldwide.
Travelex said on Monday it will continue to communicate with partners about restarting services and “provide a roadmap” setting out its next steps.
The company said it has been able to honor most online orders for collection in store after being hit by ransomware called Sodinokibi and has contacted those affected to make alternative arrangements.
Travelex said it was working with authorities including the National Cyber Security Centre and London’s Metropolitan Police. The police have launched a criminal investigation.
“Based on Travelex’s extensive internal assessments and the analyses conducted by its expert partners there, is no evidence to suggest that customer data has been compromised,” the company said.
Companies face an increasing threat from ransom-demanding hackers who cripple technology systems and demand payment to stop.