The website of British money exchange company Travelex is back online in the Netherlands. The company was hit by a ransomware attack in January, making it impossible to exchange money via their website for a long time. So now most of the problems at Travelex seem to be solved again and customers can also access the British exchange office online again.
Hostage software called Sodinokibi held Travelex in a hold for the past few weeks. The cybercriminals had encrypted the company's systems so no one could access them and asked for a ransom to release the data again. According to the BBC, which reportedly spoke with the hackers, they asked for $6 million. It is not known if Travelex has now paid to regain control or if they have found a way to get their systems back by other means.
Due to the cyber-attack, customers could not access Travelex online to exchange their money for a vacation, for example. Systems were also down in the physical offices, forcing employees to help customers with pen and paper.
Travelex does not seem to want to go public much about the situation. When their website was offline it said the site was unavailable due to scheduled maintenance. Now that they are back online they only say the following on the site: "Our website is back online after a period of downtime. We apologize for any inconvenience caused and thank you for your patience." They remain very vague about the reasons behind the downtime and do not release anything about any negotiations with the hackers. As a result, it is unclear to customers of the company whether, for example, personal data was leaked. A British police investigation into the attack is still ongoing so we may hear more when it is completed.
This news item can also be found in the Information Security file
