Travelex money exchange suffers ransomware infection & shuts down its operations

During the holiday season there is usually an increase in the number of cybersecurity incidents, affecting millions of consumers of products and services, as well as hundreds of widely requested companies during this time of year.

One of the companies affected this time is Travelex, dedicated to money exchange, which suffers an interruption in its services worldwide due to the infection of a dangerous variant of malware detected on New Year’s Eve.

Sources close to the company’s cybersecurity team claim that it is a ransomware infection, which has interrupted virtually all of the company’s systems, making Travelex’s outlets in the United Kingdom, Belgium and many others countries are unable to transact with payment cards.

For obvious reasons Travelex customers have also been affected. Through platforms such as Twitter, hundreds of users say that at the moment they are not able to top up their Travelex payment cards, verify transactions or check their balance. For example, a user originally from Australia posted that she had been stranded in Greece without the possibility of using her Travelex card, as both the company’s website and mobile app were out of order.

The problems continued over the next few days, specifically in the United Kingdom, the Netherlands, Belgium, the United Arab Emirates, Qatar and China, where the company’s digital platforms displayed error messages or blank pages. The company appears to operate normally in the United States and Canada.

Through a statement, Travelex mentioned that the cybersecurity incident is due to “the presence of a computer virus on the internal networks, which compromised the company’s operations on New Year’s Eve; as a security measure, Travelex’s IT team disconnected all potentially compromised systems.”

A screenshot of Travelex statement

As already mentioned, the sources consulted claim that this incident relates to a ransomware infection that has encrypted systems containing sensitive information such as customer names, account numbers, transaction history, between other details.

In these cases it is very common for companies to pay hackers to unlock their data, ensuring an early restoration of operations; however, the International Institute of Cyber Security (IICS) mentions that the best way to deal with these incidents is prevention, informing employees about potential cybersecurity risks and creating backups of critical information for the company in case their systems are compromised.