Lumbering foreign exchange giant Travelex insists it is ready to restore its online services, some two weeks after pulling its systems offline, although it refuses to say whether it has paid hackers the $6m (£4.6m) ransom they were demanding to free up its files.
The attack, which began on New Year’s Eve, is claimed to be the work of ransomware gang Sodinokibi, also known as REvil, which says it has accessed dates of birth, credit card information and National Insurance numbers.
The attack has hit millions of Travelex’s own customers as well as those of partner retailers such as Sainsbury’s, Tesco and Virgin Money. It has also left more than a dozen banks in the UK, including the Royal Bank of Scotland, NatWest, First Direct, Barclays and Lloyds, which rely on Travelex to provide services, unable to provide foreign exchange services.
Travelex claims to have restored some of its internal order processing systems and is starting to restore customer-facing systems, beginning with in-store computer systems used to process electronic orders.
The firm’s chief executive, Tony D’Souza, explained: “We are now at the point where we are able to start restoring functionality in our partner and customer services and will be giving our partners additional detail on what that will look like during the course of this week.”
The Information Commissioner’s Office confirmed Travelex had still not reported a data breach. A spokesman said: “We are in contact with Travelex and giving advice on potential personal data issues following the recent ransomware attack. The company has not reported a data breach.
“If an organisation decides that a breach doesn’t need to be reported they should keep their own record of it and be able to explain why it wasn’t reported if necessary. Organisations must notify the ICO within 72 hours of becoming aware of a personal data breach unless it does not pose a risk to people’s rights and freedoms.”
Storm clouds gather over Travelex for hack blackout
17,000 Tesco customers hit by Travelex data breach
Top tourist attractions hit by 110m data theft attacks
Half of UK firms would pay ransom to avoid GDPR fine
Over 40% of firms suffered cyber breach in past year
Firms warned over new wave of nefarious cyber attacks