Foreign exchange company Travelex announced that it had temporarily disabled all of its systems following a malware attack. Twitter user Izzy Fergus first noticed something was wrong when she attempted to visit travelex.co.uk and saw a runtime error message. When she reached out to the company on Twitter, Travelex UK informed her that it was experiencing IT issues and as result was "unable to perform transactions on the website or through the app." https://twitter.com/TravelexUK/status/1212745741199978497 It was a just a few hours later when Travelex posted a statement on Twitter. https://twitter.com/TravelexUK/status/1212840156480315401 In it, the company disclosed that a computer virus had infected some of its systems. To prevent the spread of the malware, it said that it had "immediately [taken] all of [its] systems offline." It explained that it had also launched an investigation that had thus far found no evidence of digital attackers having compromised customers' data. The London-based company, which operates 1,500 stores globally, did not go into details about the type or identity of malware that was behind the attack. Tony D‘Souza, Travelex’s chief executive, apologized for the inconvenience caused by the attack and the company's response to it. As quoted by The Guardian:
We regret having to suspend some of our services in order to contain the virus and protect data. We apologise to all our customers for any inconvenience caused as a result. We are doing all we can to restore our full services as soon as possible.
In addition to customers, the shutdown also affected other organizations like Tesco Bank that rely on Travelex for certain services. As of this writing, travelex.co.uk was still offline, though travelex.com loaded without an issue. This incident highlights the need for financial services companies to strengthen their digital security against the threat of a malware attack. They can do so by following all three stages necessary for mounting a modern malware defense program. They should also consider investing in a solution like Tripwire File Analyzer that's capable of VM sandboxing and providing behavioral visibility into monitored systems.
