Currency Exchange giant Travelex became the latest major victim of ransomware Sodinokibi, with the hackers said to demand $3 Million in Bitcoin , per ComputerWeekly.com.
Owned by the Abu Dhabi financial services group Finabir, Travelex has a presence in 70 countries with its online fiat exchange and also currency exchange counters.
The attack on Travelex was initiated in the early hours of December 31, and since the company has shut its services to stop the virus' propagation further into its network.
Though officially not revealed, many media reports claim that the attackers are seeking $3 million as the extortion amount.
SaaS for criminals
Sodinokibi, popularly known as REvil, is infamous ransomware and works like a software-as-a-service (SaaS). Criminals can hire the program on the darknet and customize according to their needs. The developers of the ransomware demand cut from the extortion profits.
The London-headquartered company is now in talks with the National Crime Agency (NCA) and the Metropolitan Police, along with other global regulators, for criminal investigation.
In his statement, Tony D'Souza, chief executive of Travelex, also assured that there had been no evidence of data breach or theft yet despite the lockdown of its systems.
However, according to The Guardian, hackers are threatening to publish Travelex customers’ sensitive data, including social security numbers, birth dates, and credit card information.
“Our focus is on communicating directly with our partners and customers to protect them and their information from any further compromise,” D'Souza said.
“We take very seriously our responsibility to protect the privacy and security of our partner and customer's data as well as provide an excellent service to our customers and we sincerely apologize for the inconvenience caused. Travelex continues to offer services to its customers on a manual basis and is continuing to provide alternative customer solutions in the interim. We are working tirelessly to bring our systems back online.”