Over the last few days Finablr (LON:FIN) have seen their shares in free fall following a vicious cyber attack on Travelex.
Today, the firm has tried to reassure shareholders about the potency on the attack saying that it had been contained and that no consumer data has been stolen.
Travelex who was the victim of the vicious cyber attack has a presence in more than 70 countries, and holds a portfolio over 1,200 branches and 1,000 ATM’s worldwide.
Customers of Travelex have said that they have been caught up with their money being left in the midst of a cyber attack.
One customer, Natalie Whiting from Stevenage, ordered £1,000 worth of euros online through Tesco (LON:TSCO).
“I haven’t been able to get a refund of my money, it just seems to be in limbo,” she told the BBC.
As far as public media is aware, the criminals behind the attack have said that are demanding a ransom of £4.6 million or the threat of leaking data and deletion of systems has been poised.
In response to the cyber-attack, which was first discovered on New Year’s Eve, Travelex took all computer systems offline, affecting thousands of sites in dozens of countries.
Cashiers have reportedly been using pen and paper to allow cash flows to continue but high street orders have been happened.
Business partners which rely on Travelex for currency services, like Sainsbury’s, (LON:SBRY) Tesco and Virgin Money (LON:VMUK) have also been affected.
“I ordered over £1,000 of euros from Tesco bank online for collection in my local Tesco store on 31 December, ready to be collected on 3 January,” Ms Whiting told the BBC.
“The money was taken from my account and an order confirmation was sent to me, but I went to Tesco to collect my euros last Friday to be told of the Travelex issue.
“I am now £1,000 out of pocket after saving up for so long and there’s no information or help.”
Are Finablr sorting out the crisis?
“Travelex been successful in containing the spread of the ransomware. Travelex has also confirmed whilst there has been some data encryption, there is no evidence structured personal customer data has been encrypted, and there is still no evidence any data has been exfiltrated,” said Finablr on Wednesday.
“Travelex is gradually restoring a number of internal systems and is working to resume normal operations as quickly as possible.”
“Finablr’s other six brands are not affected and are operating normally. Finablr does not currently anticipate any material financial impact for the group, continues to monitor the situation closely and will update the market as required,” the company continued.
However, a Travelex spokeswoman said on Tuesday night in a statement: “Whilst the investigation is still ongoing, Travelex has confirmed that the software virus is ransomware known as Sodinokibi, also commonly referred to as REvil.”
“Travelex has proactively taken steps to contain the spread of the ransomware, which has been successful. To date, the company can confirm that whilst there has been some data encryption, there is no evidence that structured personal customer data has been encrypted.
“Whist Travelex does not yet have a complete picture of all the data that has been encrypted, there is still no evidence to date that any data has been exfiltrated.”
Reports have suggests that a ransomware gang called Sodinokibi carried out the attack.
The gang have made claims that it first accessed the company’s computer network six months ago and since have downloaded 5GB of customer data, something which will worry the market and consumers.
Certainly, Finablr will be working swiftly with the relevant legal departments to ensure that this issue is resolved before further escalation occurs.
Shares in Finablr crashed 15.84% to 130p on Wednesday afternoon. 8/1/20 14:04BST.
