The world's biggest currency exchange company was hacked, and the data is reportedly being held hostage for $6 million

Advertisement
The world's biggest currency exchange company was hacked, and the data is reportedly being held hostage for $6 million
Travelex

Jeff Greenberg/Universal Images Group via Getty Images

Advertisement
  • Travelex, the world's largest currency exchange, was hacked - and the hackers are holding the company's data ransom for $6 million.
  • The company's exchange services have been offline since the hack was detected on December 31, 2019.
  • Travelex said it doesn't have "a complete picture of all the data" that was taken, but is currently investigating. The hackers, speaking to the BBC, said they took 5 GBs of "valuable customer data."
  • Visit Business Insider's homepage for more stories.

The world's largest foreign currency exchange, Travelex, is offline.

It's been offline for nearly two weeks, since December 31, 2019, when the company discovered a breach by hackers.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

Worse: The hackers claim to have 5 GBs of "valuable customer data" that they intend to sell if Travelex doesn't pay them $6 million by January 14, according to the BBC. That data includes birthdates, credit card information, and more, the hackers said.

"On Tuesday, December 31st, Travelex detected a software virus which had compromised some of its services," the company said in a statement. "On discovering the virus, and as a precautionary measure, Travelex immediately took all its systems offline to prevent the spread of the virus further across the network."

Advertisement

travelex money fxSteve Parsons / PA Archive / Press Association Images

Travelex outposts are most often found in airports.

The virus in question is reportedly the Sodinokibi ransomware, also known as REvil. The virus, in its broadest function, is used to encrypt data and demand a ransom in order to unlock said data.

The hackers said they had access to Travelex's systems for half a year before being detected.

While its systems are offline, Travelex outposts have been using pen and paper to conduct transactions. Employees are calculating currency exchange by hand, using rates provided each morning by the company's central office. Several banks - including Barclays, Royal Bank of Scotland, and HSBC - have been impacted by Travelex going offline, and aren't able to complete foreign currency exchange orders.

Advertisement

Since discovering the hack on New Year's Eve, Travelex says it "has been able to restore a number of internal systems," and it's "working to resume normal operations as quickly as possible."

It's unclear if the company will pay the ransom, nor is it clear if Travelex customers can do anything to protect their data. Travelex representatives did not respond immediately to Business Insider's request for comment.

NOW WATCH: How Hilton, Marriott, and Walt Disney Resorts recycle and donate used hotel soaps

{{}}