Travelex suspends services after malware attack

Travelex, a major international foreign currency exchange, has confirmed it has suspended some services after it was hit by malware on December 31.

The London-based company, which operates more than 1,500 stores globally, said it took systems offline “as a precautionary measure in order to protect data” and to stop the spread of the malware.

Its U.K. website is currently offline, displaying a “server error” page. Its corporate site said the site was offline while it makes “upgrades.”  According to a tweet, Travelex said staff are “unable to perform transactions on the website or through the app.” Some stores are said to be manually processing customer requests.

Other companies, like Tesco Bank, which rely on Travelex for some services, have also struggled during the outage.

Travelex’s U.K. website is currently offline (Screenshot: TechCrunch)

The company said no customer data has been compromised “to date,” but did not elaborate or provide evidence for the claim.

The company declined to identify the kind of malware used in the attack, citing an ongoing forensic investigation. In the past year, several high-profile companies have been increasingly targeted by ransomware, a data encrypting malware which only unscrambles the data once a ransom has been paid. Aluminum manufacturing giant Norsk Hydro and the U.K. Police Federation were both hit in March, then Arizona Beverages and Aebi Schmidt in April, and shipping company Pitney Bowes in October.

Several local and state governments have also been attacked by ransomware. New Orleans declared a state of emergency last month after its systems were hit by ransomware.

A Travelex spokesperson would not comment beyond the statement.