Currency exchange company, Travelex, paid hackers several million dollars in Bitcoin to regain access to its computer systems, according to reports from the Wall Street Journal.
On New Year’s Eve, the company fell victim to devastating ransomware known as Sodinokibi, which left both the company and holidaymakers in turmoil. At the time, personnel were forced to revert to pen and paper to calculate currency exchanges.
Throughout much of January, most of the company’s internal networks were also taken offline along with its app and customer websites. A UK police investigation into the cyberattack is currently underway and attempts are being made to track down the culprit(s).
Travelex revealed the cyberattack at the time, however, until now details of how it regained access had not been disclosed. According to initial BBC reports, hackers demanded the company pay a $6 million (£4.6m) ransom.
The Wall Street Journal revealed yesterday (9th April) that the London-based firm paid 285 BTC, which is the equivalent of $2.3 million (£1.84m). Travelex told the publication that it decided to pay the fine based on the advice of experts. The firm also insisted that appropriate regulators were kept informed throughout the ransom recovery process.
Travelex isn’t the first – and likely won’t be the last – organisation to fork out a ransom to hackers. In the past two years, a number of local governments in the US made headlines for their decision to pay millions of dollars in ransom payments.
Local authorities in Key Biscayne, Riviera Beach and Lake City were crippled by severe malware attacks in 2019. These ransomware attacks saw the latter two pay $600,000 and $500,000 respectively to cybercriminals.
- Glasgow data recovery firm accused of negotiating with hackers
- 5 of the worst ransomware attacks in recent years
- Cybercriminals preying on COVID-19 confusion, NCSC warns
Paying ransoms isn’t against the law in the UK. However, law enforcement advises against it. Last year, Police Scotland issued advice for companies to follow in the event that they fall prey to a ransomware attack.
At the time, James Archbold of Police Scotland’s Cybercrime Prevention Team said: “My first advice is not to pay the ransom. There is no guarantee that you will get access to your data or device and your device will still be infected.
“In some instances, devices can be unlocked utilising a free, police and industry-backed Europol initiative, No More Ransom.”