Skip to main content

Travelex paid $2.3 million in ransom to restore its systems

(Image credit: Image Credit: WK1003Mike / Shutterstock )

Remember the Travelex data breach reported at the very start of 2020, which was said not to have been a ransomware attack?

According to fresh information from the Wall Street Journal, not only was the company hit with ransomware, but customer data was also stolen in the process. Travelex subsequently paid a ransom fee of $2.3 million for the return of its data and reactivation of its network.

The company, which was forced to shut down 1,500 of its store as a direct result of the attack, was infected by the Sodinokibi ransomware. Its operators were contacted by Bleeping Computer, and confirmed they infected the network, forced it offline, deleted backup files and copied more than 5GB of personal data.

It is believed the group demanded $3 million in ransom and threatened to release the data on hacking forums unless Travelex complied. Allegedly, Travelex paid $2.3 million, with operations resuming on January 17.

The company has said it will not comment on the issue until investigations have closed.