Start using our Exchange Rates API
Start using our data in your applications programmatically. No credit card is required to start.
Foreign exchange company Travelex is back online with some of its electronic services after its system was brought down by hackers nearly two weeks ago.
A cyberattack demanded ransom and blacked out the company’s systems and online services, forcing the foreign exchange giant to manually service thousands of customers.
The ransomware gang Sodinokibi was blamed for demanding $6m (£4.6m) in exchange for customer data. Travelex said the malware was kept in check and customer data was not compromised.
“Based on Travelex’s extensive internal assessments and the analyses conducted by its expert partners there, is no evidence to suggest that customer data has been compromised,” the company said.
In an email, Travelex — owned by Finablr — said it would “continue to make good progress with our recovery and have already completed a considerable amount in the background. … We are now at the point where we are able to start restoring functionality in our partner and customer service.”
Travelex has a presence in more than 70 countries and had to service customers in person at 1,200 locations worldwide while recovering its systems.
Travelex said it will continue to communicate with partners about restarting services and “provide a roadmap” for authorities. The currency trader said it had restored some of its internal and order processing systems and was providing refunds to customers “where appropriate.”
Officials at the Albany International Airport paid a ransom to cybercriminals after the facility’s systems were hit with the Sodiniokibi ransomware strain on Christmas, the Albany Times Union reported. The incident is being investigated by the FBI and the New York State Cyber Command.
Travelex early this year acknowledged a “software virus” that was the work of Sodinokibi, which also goes by the REvil moniker. The ransomware gang asked for $6 million in exchange for encrypted customer data. The company said in a statement that the data had not been compromised, adding that “we have now contained the virus and are working to restore our systems and resume normal operations as quickly as possible. Travelex’s network of branches continues to provide foreign exchange services manually.”