Travelex boss, Tony D’Souza, has finally broken his silence 17 days after the foreign exchange company got struck by a ransomware attack.
Since suffering the attack, the firm has released a number of short statements, however in a video uploaded today on the firm’s website, D’Souza announced that the IT system utilised by in-store staff was working again.
Travelex detected the attack on New Year’s Eve, to which in response the company took its website offline.
“When we first discovered the virus, we took the tough decision to first isolate the parts of the business where it was initially found and then take down the rest of our systems,” said D’Souza.
“This enabled us to prevent its spread and minimise the damage. The majority of our business did, in fact, remain operational. We could – and did – continue to provide many of our customer services through our retail outlets, even though some of the central system necessary to provide online services, and manage our wholesale and outsourcing services were unavailable.”
D’Souza added that the company’s priority is now “on restoring our systems so that our range of services is up and running. That means you can transact with us in the way that is most convenient to you… We are now making good progress towards recovery in a managed way, putting integrity and security at the heart of our plans.
“And also enhancing parts of our infrastructure in line with our technology strategy. We don’t just want to get back to business as usual. We want to build a better, stronger business, which gives you full confidence in the integrity and resilience of our technology.”
D’Souza did not disclose if the company paid the ransom, which was initially reported as $3 million but later raised to $6 million, adding that discussing the details of the attack was “not appropriate.”
D’Souza maintains that there is no evidence to show that any data has left the organisation.
The threat group behind the attack, REvil, told the BBC that it had gained access to Travelex’s computer network six months ago and had downloaded 5GB of customer data, including dates of birth, credit card information and national insurance numbers.
“I would like to thank our partners and customers for supporting us and confirm we will continue to restore systems as quickly as possible,” D’Souza added.