Cybercriminals demanded $3 million ransom from Travelex

The hackers behind a cyber attack on a foreign exchange firm Travelex ordered to pay $3 million ransom to release their grips on its system.

The group behind the attack told Bleeping Computer that they had encrypted the entire Travelex and copied more than 5GB of personally identifiable information (PII), including sensitive data.

Hackers threatened to publish data if Travelex failed to pay group’s ransom. Kevin Beaumont, a security researcher posted on social media that Travelex is using the “an incredibly bad vulnerability”.

According to Beaumont, the flaw allow those without valid username and passwords to remotely connect to the corporate network and switch off two-factor authentication. 

Firm provides currency exchange services for consumers as well as banks like HSBC, Barclays, and Virgin Money. The banks have suspended their currency exchange and Travel money services. Travelex responds that they are “working around the clock” to fix the issue. 

The attack occurred following the New Year Eve’s and the despite the reports that downtime has been caused by a cyberattack, communications from Travelex maintained that the issues are due to a scheduled maintenance.