On New Year’s Eve foreign currency exchange service Travelex took its systems offline after discovering a virus.
The company website is still offline, showing only a “Planned Maintenance” message in a number of languages.
Travelex are keeping very quiet about the situation and customers have not been sent any communication about the cyber attack, but queries are being replied to on social media.
Very little is known at the moment about the nature of the attack, although Ransonmare is a likely culprit given that the Met Police have recently published a statement saying that “On Thursday, 2 January, the Met’s Cyber Crime Team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Enquiries into the circumstances are ongoing.”
The attack has also had a knock on effect, with other banks who use Travelex’s services unable to sell currency online. HSBC, Sainsbury’s Bank and Virgin Money are some of the firms affected.
Back in September, security researcher Troy Mursch shared details of security vulnerabilities he discovered on Travelex’s infrastructure on Twitter, but he never received a response from the company.
The recovery operation is being co-ordinated from a Travelex office in the UK and the company insists that no customer data has been leaked.
But it would not say what data could potentially be at risk.