After suffering a ransomware attack earlier this year, Travelex reportedly paid a $2.3m ransom payment to get its systems back online after they were encrypted.
Back in January of this year, hackers deployed the Sodinokibi ransomware throughout the foreign exchange company's network which led it to shut down operations at 1,500 stores around the world.
The cybercriminals behind the Sodinokibi ransomware were able to encrypt the company's entire network, delete backup files and copy more than 5GB of personal data. To make things worse, this data allegedly contained dates of birth, Social Security numbers and credit card data.
- Travelex website was hit by Sodinokibi ransomware
- FBI: Over $140 million handed over to ransomware attackers
- Maze ransomware hits insurance giant Chubb
In order for Travelex to recover its files, the cybercriminals demanded a three million dollar ransom and threatened to release the data if they were not paid. When it seemed like the company wouldn't pay the ransom, they began to post threats on hacker forums saying they would release the data if their demands were not met.
According to a new report from the Wall Street Journal, Travelex eventually did end up paying a $2.3m ransom to get its network back up and running. A person familiar with the matter told the news outlet of the transaction, saying:
"Travelex, known for its ubiquitous foreign-exchange kiosks in airports and tourist sites around the world, was shut down by a computer virus that infiltrated its networks early this year. It responded by paying the hackers the equivalent of $2.3 million, according to a person familiar with the transaction.”
The company suffered a ransomware attack in early January but it resumed operations on January 17 which suggests that Travelex did in fact pay the ransom to have its files decrypted.
Travelex may be back in business but those whose data was potentially compromised could still be at risk of potential cyberattacks or identity fraud.
- Also check out our roundup of the best antivirus software
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.