After bungling its data breach announcement, Travelex is still declining to say whether it has paid hackers the ransom.
Graham Cluley reports:
Travelex, the foreign currency exchange service whose services have been knocked offline since New Year’s eve by a cyber attack, is declining to say if it has paid a ransom to the criminals responsible.
Earlier today the organisation published a customer update about its ongoing attempts to resume normal operations.
In the update Travelex underlines the message it gave in a press release earlier in the week that it was making "good progress" although it has been widely criticised for its response to the attack. It also continues to warn customers to be on their guard for scammers contacting them via the phone or email.
Travelex is declining to comment on how the REvil ransomware (also known as Sodinokibi) managed to infect its systems. I’ve also not seen them comment on media reports that the hackers responsible for the attack have demanded a $6 million ransom be paid for the safe return of what they claim is 5GB worth of sensitive data.
