Ransomware gang called Sodinokibi is demanding Travelex pay $6 million, according to BBC News
Travelex Holdings, the London-based foreign exchange company, said it’s been successful in containing the spread of a cyber-attack that forced the firm to suspend services across 30 countries.
It said in a statement on Wednesday that sensitive customer data appeared not to be compromised, and that it was now restoring internal systems.
“Whilst there has been some data encryption, there is no evidence that structured personal customer data has been encrypted,” Travelex said in the statement. “There is still no evidence that any data has been exfiltrated.”
Shares in parent company Finablr PLC dropped 14% in early trading Wednesday. Investors also sold $75 million in shares via a placement that launched on Tuesday.
BBC News earlier reported that hackers claiming responsibility for the attack were demanding Travelex pay $6 million (4.6 million pounds). They told the news site they’d gained access to the firm’s computer network six months ago and had downloaded 5 gigabytes of sensitive customer data.
Travelex confirmed the discovery of a software virus on Jan. 2, and said in a statement on its website that IT specialists and cybersecurity experts are working to isolate the virus.
“Our investigation to date shows no indication that any personal or customer data has been compromised,” it said in a statement at the time. Travelex couldn’t immediately be reached for comment Tuesday.
Meanwhile, Travelex’s network of branches is continuing to provide foreign exchange services manually.
Travelex said in a statement Tuesday that it is in discussions with the National Crime Agency and the Metropolitan Police “who are conducting their own criminal investigations, as well as its regulators across the world.”
Ransomware attacks have become a major source of concern for companies and infrastructure in the UK, the US and elsewhere. Companies, like Norsk Hydro ASA in Norway, have lost millions after being halted for sometimes weeks to restore operations.