Travelex cyberattack leaves customers frustrated

The Travelex cyberattack has left customers frustrated as hackers have locked down their systems and are holding the company to ransom.

We’re taking legal action for the previous Travelex incident, which stemmed from a leak of customer data. As an expert consumer law firm that specialises in data breach compensation, we’ve spoken to the media about this incident and aired our concerns that we’re seeing yet another cyberattack incident taking place; this being one of many that have hit various businesses over the last few years.

This hack may lead to customer information being leaked or sold on for money, so there’s every reason for customers to be concerned; despite assurances from Travelex.

About the Travelex cyberattack

The Travelex cyberattack has affected a number of banks that use their services, which includes Barclays, HSBC, Lloyds and RBS.

It’s understood that hackers are holding the foreign exchange service provider to ransom, and if their demands aren’t met, there are real fears that customer data may be sold. Hackers have broken into Travelex’s systems and have encrypted files that are said to include those containing customer information. The hackers are reportedly threatening to erase data or sell data on unless the company pays them a ransom, which has been reported to be in the region of £4.6m.

This kind of cyberattack is known as a ransomware attack. They’re commonly used by criminals to extort money out of businesses whose files and data become inaccessible, with the keys to unlocking systems with the hackers. Locking data like this can cost businesses thousands of pounds as they’re unable to trade and operate effectively, as we’re seeing in this incident.

Some customers have reported being unable to access foreign currencies ordered via services that Travelex provides. Some have been left without money whilst abroad as they’re forced to wait for Travelex to resolve the ongoing issues.

Customer criticism

The impact of the Travelex cyberattack, and how the company has handled it so far, has led to a number of customers airing their frustrations online. Some say that they’re receiving little to no information and help.

Travelex’s website reportedly stated that they were undergoing ‘routine maintenance’ before their current message which confirms the existence of the virus problem that they’re dealing with. They’re understood to have hired experts to resolve the problem, but we’re now over a week on and some customers are still unable to fully use their services and their website remains inaccessible; save for the information about the attack.

Shares in the company dropped by 17% this week, despite efforts by the company to allay fears over what might happen to the data that has been encrypted by the hackers. Travelex says that there’s currently no evidence that data has been taken, but it’s hard to know what will happen to the information that could be exposed to the hackers.

It has also emerged that companies like Travelex were warned about the type of ransomware that’s being used in this attack some eight months ago. This should have allowed them to ensure that their systems were secure against the threat of the software, yet this hasn’t been the case.

Why people should be worried

The Travelex cyberattack could undoubtedly lead to information being exposed. If hackers have been able to encrypt files, they may also be able to leak data contained within those files.

Although we can only speculate at the moment, and it may be that customer data is saved, it’s impossible to be sure that it will be safe.

It’s understood that Travelex has yet to report the breach themselves to the Information Commissioner’s Office (ICO). Investigations with the Met Police and the National Crime Agency are said to be ongoing.

Dixons Carphone data breach fine

Compensation for a medical information breach