The British Travelex Travel Exchange has become the victim of a ransomware attack, following an “infection” with a virus. The attack took place in New Year’s Eve, when most of the company’s employees were free.
Travelex announced on twitter that it has suspended sites and servers to prevent the virus from spreading. The company operates in approximately 30 countries, with over 1200 locations in total.
Statement on IT issues affecting Travelex Services pic.twitter.com/rpKagJLykn
– Travelex UK (@TravelexUK) January 2, 2020
The victim of a ransomware attack worth $ 6 million
The BBC report added that the attack was undertaken by a group of ransomware hackers called Sodinokibi. The group, also known as REvil, first appeared in April 2019. They asked for a $ 6 million reward in Bitcoin, which should be paid on a site registered in China.
Hackers said that if Travelex pays the reward, they will provide the company with the tools needed to decrypt files.
The press also reported that computers containing sensitive information, such as customer names and bank accounts and transaction details, were infected by malware. It added a random string at the end of each encrypted file.
A number of other UK-based companies that rely on Travelex services have also been affected. These include Sainsbury’s Bank, Barclays, HSBC, Virgin Money, First Direct and Asda Money.
Currently, customers do not have the opportunity to access their funds or carry out transactions with Travelex currency cards.
The attack is the latest in a growing trend of ransomware in 2019. Last month, for example, hackers demanded a bitcoin buyback from vulnerable camera users sold by Amazon and its subsidiary Ring.