- Jeff Greenberg/Universal Images Group via Getty Images
- Travelex, the world’s largest currency exchange, was hacked – and the hackers are holding the company’s data ransom for $6 million.
- The company’s exchange services have been offline since the hack was detected on December 31, 2019.
- Travelex said it doesn’t have “a complete picture of all the data” that was taken, but is currently investigating. The hackers, speaking to the BBC, said they took 5 GBs of “valuable customer data.”
- Visit Business Insider’s homepage for more stories.
The world’s largest foreign currency exchange, Travelex, is offline.
It’s been offline for nearly two weeks, since December 31, 2019, when the company discovered a breach by hackers.
Worse: The hackers claim to have 5 GBs of “valuable customer data” that they intend to sell if Travelex doesn’t pay them $6 million by January 14, according to the BBC. That data includes birthdates, credit card information, and more, the hackers said.
“On Tuesday, December 31st, Travelex detected a software virus which had compromised some of its services,” the company said in a statement. “On discovering the virus, and as a precautionary measure, Travelex immediately took all its systems offline to prevent the spread of the virus further across the network.”
The virus in question is reportedly the Sodinokibi ransomware, also known as REvil. The virus, in its broadest function, is used to encrypt data and demand a ransom in order to unlock said data.
The hackers said they had access to Travelex’s systems for half a year before being detected.
While its systems are offline, Travelex outposts have been using pen and paper to conduct transactions. Employees are calculating currency exchange by hand, using rates provided each morning by the company’s central office. Several banks – including Barclays, Royal Bank of Scotland, and HSBC – have been impacted by Travelex going offline, and aren’t able to complete foreign currency exchange orders.
Since discovering the hack on New Year’s Eve, Travelex says it “has been able to restore a number of internal systems,” and it’s “working to resume normal operations as quickly as possible.”
It’s unclear if the company will pay the ransom, nor is it clear if Travelex customers can do anything to protect their data. Travelex representatives did not respond immediately to Business Insider’s request for comment.