Skip to main content

Travelex reportedly paid millions to hackers after ransomware attack

 

Travelex reportedly paid hackers $2.3 million to regain access to its own computer systems after they were compromised in a ransomware attack that was discovered on New Year’s Eve.

Recommended Videos

Ransomware is malicious software that locks a computer system by encrypting files. Once locked, hackers demand payment from the owner of the system in return for a decryption key to regain access to the data.

Please enable Javascript to view this content

The world’s largest foreign-exchange provider paid the money in the form of Bitcoin, according to a source with knowledge of the matter who spoke to the Wall Street Journal. When details of the ransomware attack were made public in early January, reports suggested the hackers were demanding $6 million, a figure substantially higher than what Travelex has apparently paid.

The attack forced Travelex to take its computer systems offline in January, causing huge problems for its global business. While parts of the Travelex website remained operational, online transactions were suspended. The chaos extended to the company’s vast network of foreign exchange kiosks, too, where staff were forced to resort to using pen and paper to record transactions.

It wasn’t until the second half of February that Travelex was able to get its consumer business fully up and running again.

In the Travelex attack, hackers ordered the London-based firm to pay not only for the decryption key, but also to prevent the publication of various customer data that included payment card information, according to a Financial Times report in January.

Travelex earlier revealed that the perpetrators used malicious software called Sodinokibi, also known as REvil or Sodin, to launch its attack.

A group claiming to be behind the crime told the BBC in January that it accessed Travelex’s computer systems in the summer of 2019, downloading 5GB of customer data in the process.

The Journal’s report also notes how U.S. officials are warning companies to be extra careful when setting up home-working computer networks in response to the coronavirus lockdowns, with cybercriminals eager to exploit any security holes that may result.

No one has yet been arrested in connection with the Travelex ransomware attack and investigators are continuing to work on the case.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Ransomware attacks have spiked massively. Here’s how to stay safe
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

No one wants to fall victim to ransomware, but a new report from blockchain security firm Chainalysis claims that ransomware payments could be set for a record-breaking year, with criminals raking in close to half a billion dollars just seven months into 2023.

According to the analysis, ransomware payments this year have totaled $449.1 million so far. That’s $175.8 million more than this time last year, suggesting that hackers have doubled down on this method of extracting money from unfortunate victims.

Read more
Hacker sent to jail for huge 2020 Twitter breach
A Twitter logo graphic.

A British man who took part in a high-profile Twitter hack in 2020 was handed a five-year jail term by a New York federal court on Friday.

Joseph O’Connor, 24, had pled guilty in May to four counts of computer hacking, wire fraud, and cyberstalking. He was also ordered to pay $794,000, the amount that he nabbed in the crypto crime.

Read more
Microsoft confirms recent service outages were DDoS attacks
microsoft logo (sign)

Microsoft has shared some information about an outage that impacted its services earlier this month.

The disruption affected the computer giant’s Azure cloud computing platform, along with Microsoft tools such as the Outlook email and OneDrive file-sharing apps.

Read more