Travelex takes down currency exchange website following New Year's Eve cyber attack

clock
Travellers across the world have been affected by the alleged cyber attack on Travelex
Image:

Travellers across the world have been affected by the alleged cyber attack on Travelex

Travelex claims it took down its systems after identifying a virus, but refuses to provide more information

Travelex has taken down its currency exchange website following a cyber attack in the form of a virus identified on New Years Eve.

The foreign exchange giant claims that customer data has not been compromised as a result of the breach, but has not divulged more details. It has reverted to manual procedures in its branches as a result of the attack.

In particular, holiday makers that had been using Travelex Money Cards, topping up as they go, have been most affected.

The company said that it had drafted in specialist security teams to deal with the outbreak, while its IT staff had also been called-in to work over the holiday period.

Travelex CEO Tony D'Souza said: "We regret having to suspend some of our services in order to contain the virus and protect data. We apologise to all our customers for any inconvenience caused as a result. We are doing all we can to restore our full services as soon as possible."

As of 3pm on the afternoon of Friday 3rd January, the site remains down and customers have been scathing about the company's incident response handling.

"This incident plus your appalling incident management plans and customer service have ruined our trip. Too many unanswered emails and false promises," tweeted recruiter Matt Bartlett, stuck in Canada with no access to money.

Furthermore, the company hasn't provided much more detail about the nature of the attack, leaving industry experts to conjecture about its type and extent.

While Comparitech privacy advocate Paul Bischoff suggested that it might be a targeted attack, he also suggested that it may be down to ransomware. "Data breaches usually happen quietly unbeknownst to the victim. Ransomware seems a likely culprit, but it's difficult to say without more details," said Bischoff, adding that the shutdown could cause some business damage for Travelex.

"Travelex has so far handled the incident well due to its quick response time, and it is good to see personal and customer information does not appear to have been breached. Having a well-tested resilience plan in place that covers the technical aspects, communication with the public and clear responsibilities for handling incidents can ultimately make a difference between a costly response and maintaining customer trust," said Iain Kothari-Johnson, financial services lead for Cyber Security at Fujitsu UK.

He continued: "'Break-glass incident response services', where experts are on-hand to rapidly investigate and mitigate threats, can also help reduce the financial and reputational impact of this type of incident and should be considered as part of any good resilience plan."

Travelex has been progressive in terms of its adoption of IT, shifting elements of its IT infrastructure into the cloud with a migration to Workday five or so years ago, for example, and being an early adopted of serverless computing. 

All Computing's coverage of the Travelex ransomware outbreak

More on Storage

Industry Voice: Why grabbing the opportunity of IAM is about more than just identity

Industry Voice: Why grabbing the opportunity of IAM is about more than just identity

Okta
clock 05 January 2022 • 3 min read
Why full-stack observability is critical for a successful DevSecOps approach

Why full-stack observability is critical for a successful DevSecOps approach

In the face of ever-growing security threats, DevSecOps teams need full-stack observability to help break down siloes and allow technologists to continue to deliver innovation, argues Erwan Paccard, Director of Product Marketing at Cisco AppDynamics

Erwan Paccard
clock 15 December 2021 • 5 min read
Cloud adoption and the rise of modern cloud-native apps will define the year ahead

All cloud, all-flash: An interview with Pure Storage's Wes van den Berg

Cloud and container adoption will define the next 12 months

Computing Staff
clock 26 November 2021 • 3 min read