Travelex UK Website Still Down After Cyberattack

The British website of foreign currency seller Travelex remains offline as of Friday 3 January, after being taken down following a cyber-attack on Monday 30 December (New Years Eve).

The good news is that an investigation has shown there is no indication the virus has compromised any personal or customer data.

But the fact that nearly a working week later and the website still remains offline following the attack, will be sure to annoy other foreign currency providers (such as Tesco Bank) that rely on Travelex.

Cyber attack

Travelex confirmed the cyber-attack in a statement on Twitter.

“Travelex confirms that a software virus was discovered on New Year’s Eve which has compromised some of its services,” it said. “As a precautionary measure in order to protect data and prevent the spread of the virus, we immediately took all our services offline. Our investigation to date shows no indication that any personal or customer data has been compromised.”

It said that its branches continues to provide services manually, and that it had deployed teams of IT specialists and external cyber security experts to “isolate the virus and restore affected systems.”

“We regret having to suspend some of our services in order to contain the virus and protect data,” Travelex chief executive Tony D’Souza was quoted by the BBC as saying.

“We apologize to all our customers for any inconvenience caused as a result and are doing all we can to restore our full services as soon as possible,” he added.

Travelex of course is global brand and is a major foreign currency exchanger that is said to have a presence in more than 70 countries and more than 1,200 branches and 1,000 ATMs worldwide.

It provides both online foreign currency exchange as well as over the counter (OTC) exchange services at various branches across the globe. This includes major airports and tourist destinations.

It is said to be process more than 5,000 currency transactions every hour.

Ransomware attack?

Security experts were quick to note the attack seemed to be limited to the firm’s website, as it was still able to process transactions manually.

“Details are very limited at this point as to what the cause of the attack was and to which extent Travelex systems have been impacted,” said Javvad Malik, security awareness advocate at KnowBe4.

“The fact that the company can still conduct transactions over the counter would indicate that the attack is limited to the website and its functionality,” said Malik. “Websites are the face of a company and are subject to the most attacks. It is important for companies to conduct regular security checks such as penetration testing, as well as vulnerability scan and regular assurance checks against the processing to ensure all public-facing aspects are up to date and running as secure as possible.”

“Not only does such an attack bring services down, but depending on the vulnerability exploited and the duration for which it goes undetected, it can impact customers too,” he warned.

Meanwhile Paul Bischoff, privacy advocate at Comparitech.com noted that the attacked seemed to be designed to disrupt services, rather than steal data.

“Travelex has been tight-lipped about the details of the virus so far,” said Bischoff. “Given that no customer data was leaked, I suspect the attack was intended to disrupt services rather than covertly steal information.”

“Data breaches usually happen quietly unbeknownst to the victim,” Bischoff said. “Ransomware seems a likely culprit, but it’s difficult to say without more details. While customer info seems to be safe, that doesn’t mean their funds are.”

“A shutdown like this can cause a lot of financial damage as a result of lost business, as well as reputational damage that can lead to other businesses breaking ties and looking elsewhere for Forex services,” Bischoff concluded.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

3 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

3 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

4 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

6 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

9 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

9 hours ago