In response to the cyber-attack, which was first discovered on New Year’s Eve, Travelex took all computer systems offline, affecting thousands of sites in dozens of countries. Cashiers have been resorting to using pen and paper to keep money moving at cash desks in airports and on high streets but orders online have been affected…reports Asian Lite News
UAE-based billionaire BR Shetty owned Travelex suspended its operations after hackers demanding ransom accessed their data base.
The criminals behind the hack told the BBC they are demanding $6m (AED 30 million) or company computer systems will be deleted and customer data sold online.
Travelex says that there is no evidence customer data has been compromised.
In response to the cyber-attack, which was first discovered on New Year’s Eve, Travelex took all computer systems offline, affecting thousands of sites in dozens of countries. Cashiers have been resorting to using pen and paper to keep money moving at cash desks in airports and on high streets but orders online have been affected.
“On Tuesday December 31st Travelex detected a software virus which had compromised some of its services,” Travelex said in a statement. “As previously announced, on discovering the virus, and as a precautionary measure, Travelex immediately took all its systems offline to prevent the spread of the virus further across the network.”
“Having completed the containment stage of its remediation process, detailed forensic analysis is fully underway and the company is now also working towards recovery of all systems,” it added. “To date Travelex has been able to restore a number of internal systems, which are operating normally. The company is working to resume normal operations as quickly as possible and does not currently anticipate any material financial impact for the Finablr Group.”
Finablr Group was established by the Indian-born billionaire B. R. Shetty in April 2018. Initial investments included UAE Exchange, which Shetty founded in 1980, and Travelex, which he acquired in 2014.
BBC says a ransomware gang called Sodinokibi carried out the attack on Travelex. The gang, also known as REvil, claims it first gained access to the company’s computer network six months ago and has since downloaded 5 gigabytes of sensitive customer data. Dates of birth, credit card information and national insurance numbers are all in their possession, they claim.
However, a Travelex spokeswoman said: To date, the company can confirm that whilst there has been some data encryption, there is no evidence that structured personal customer data has been encrypted.
“Whist Travelex does not yet have a complete picture of all the data that has been encrypted, there is still no evidence to date that any data has been exfiltrated.”
The Information Commissioner’s Office (ICO) said it had not received a data breach report from Travelex.
A spokeswoman added: “Organisations must notify the ICO within 72 hours of becoming aware of a personal data breach unless it does not pose a risk to people’s rights and freedoms.
“If an organisation decides that a breach doesn’t need to be reported, they should keep their own record of it and be able to explain why it wasn’t reported if necessary.”
Under General Data Protection Regulation, a company which fails to comply can face a maximum fine of 4% of its global turnover.
The Metropolitan Police says it’s Cyber Crime team is leading the investigation into the attack.
Travelex has not said whether or not they are negotiating with the hackers and have not given any timeframe for when normal service will resume.
Tony D’Souza, Chief Executive of Travelex, said: “Our focus is on communicating directly with our partners and customers to protect them and their information from any further compromise. We take very seriously our responsibility to protect the privacy and security of our partner and customer’s data as well as provide an excellent service to our customers and we sincerely apologise for the inconvenience caused. Travelex continues to offer services to its customers on a manual basis and is continuing to provide alternative customer solutions in the interim. We are working tirelessly to bring our systems back online.”
Travelex is in discussions with the National Crime Agency (NCA) and the Metropolitan Police who are conducting their own criminal investigations, as well as its regulators across the world.