Travelex Paid $2.3M to Ransomware Hackers Before Hitting New Obstacles

Foreign currency exchange provider Travelex is reported to have paid $2.3 million in bitcoin to restore its network after hackers launched a ransomware attack against the company.

Wall Street Journal reported Travelex decided to pay the 285 bitcoin ransom to the REvil ransomware gang on the recommendation of experts. REvil had threatened to publish the personal statistics of Travelex's customers if the payment wasn't paid.

Travelex, known for its foreign-exchange kiosks in airports and tourist sites worldwide, found itself crippled after a New Year's Eve attack. The company later showed in a statement that its community was offline due to the Sodinokibi ransomware, a.k.a REvil.

Travelex pays the price

The attack forced Travelex to take its networks, consumer-facing sites, and app offline for weeks to forestall the ransomware virus. The incident disrupted cash deliveries from Travelex's global community of vaults to divisions of major international banks, which includes Barclays PLC and Lloyds Banking Group PLC in the United Kingdom.

Asked about the charge, a Travelex spokesman told WSJ the corporation had taken advice from some of the experts. Travelex has kept regulators and partners informed about its efforts to recover the recovery since Jan. 13.

A U.K. regulation-enforcement investigation into the breach is continuing, he said. He declined to comment further on the incident.

The employer said it had started reinstating a number of its operations in January and revived its customer business in the second half of February.

It isn't against U.K. regulations to pay a ransom. However, the U.K.'s National Crime Agency discourages giving in to such demands by criminals. Doing so encourages more criminal behavior even as providing no guarantee that the stolen records are returned, specialists say. Some insurers, however, provide ransom negotiation services as part of their cybersecurity policies.

"It's like with all blackmailers: Paying the ransom, you get put on the payers' list," said Alan Woodward, a cybersecurity professor at the University of Surrey. "You are one of those [that are] most likely to pay up. That makes you a target for everybody else."

Travelex tailspins its shares

Finablr, Travelex's parent company, said it was preparing for a possible collapse as investors started out wondering its economic arrangements and capability to perform amid the pandemic. The enterprise's founder, Bavaguthu Raghuram Shetty, stepped down from the board of London-listed NMC Health PLC earlier in the year amid issues approximately economic irregularities along with understating the health-care provider's debt.

Days later, S&P Global cut Travelex's credit score ratings to junk status, mentioning liquidity constraints and breach of its contractual duties to a few creditors. Finablr's own economic issues depart it not able to guide Travelex, the rankings business enterprise said.

Finablr didn't respond to a request for comment. NMC didn't respond to a request for comment, but the business enterprise said in March that it became trying to apprehend the "nature and quantum" of its debts. Mr. Shetty didn't respond to a request for comment.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics