UAE-based Finablr, the majority owner of Travelex, said a cyberattack on its foreign exchange services unit that forced the company to take its systems offline, is not likely to have a "material financial impact" on the group.
London Stock Exchange-listed payments firm Finablr said its six other brands, which include UAE Exchange and Xpress Money, are not affected and are operating normally, according to a bourse filing on Wednesday.
The holding company “continues to monitor the situation closely and will update the market as required”, it said.
Travelex in a January 2 statement said it detected a software virus on December 31 which had compromised some of its services and as a “precautionary measure in order to protect data and prevent the spread of the virus”, the London-headquartered company immediately took down its websites across 30 countries.
While the investigation is ongoing, Travelex confirmed in an updated statement on Tuesday that the virus is ransomware known as Sodinokibi, also commonly referred to as REvil. Ransomware is a type of virus that prevents users from accessing their system or personal files and demands ransom payment in order to regain access.
The Sodinokibi ransomware gang said it wants Travelex to pay them $6 million (Dh22m) or risk the sale of sensitive customer data, the BBC reported on Tuesday. They claimed to have gained access to the company’s computer network six months ago and said they obtained dates of birth, credit card information and national insurance numbers.
Travelex said there has been some data encryption, but “there is no evidence that structured personal customer data has been encrypted” or that any data has been “exfiltrated”.
“Our focus is on communicating directly with our partners and customers to protect them and their information from any further compromise,” said Tony D'Souza, chief executive of Travelex, in the statement.
“We take very seriously our responsibility to protect the privacy and security of our partner and customers' data as well as provide an excellent service to our customers and we sincerely apologise for the inconvenience caused.”
The UK's National Crime Agency and the Metropolitan Police are conducting their own criminal investigations, and Travelex said it is also in discussions with its regulators across the world.
Travelex said it has been able to restore a number of internal systems and is “working tirelessly” to bring its systems back online. In the meantime, it continues to offer services to its customers manually.
Before Travelex issued a release on January 2, its websites said the site was down for a “planned maintenance”. Unhappy customers took to Twitter to express their frustrations at the lack of communication.
Travelex partners, such as Tesco Bank, Sainsbury Bank, Virgin Money and HSBC’s First Direct, have all been unable to offer online travel money services due to the shutdown.
Finablr founder Bavaguthu Raghuram Shetty, supported by Abu Dhabi-based Centurion Investments bought a majority stake in Travelex in 2014 for a reported £1 billion (Dh4.8bn) from private equity company Apax Partners.
Set up in April 2018 to consolidate Mr Shetty’s financial services brands, Finablr floated on the LSE in May last year after completing an initial public offering that valued the firm at $1.6bn (Dh5.9bn).
Finablr shares were trading almost 20 per cent lower by 4pm at 129.2p on the London Stock Exchange after the company made its announcement and said that two major shareholders had sold 40.5 million shares, or 6 per cent of the company. The company's share price has fallen by 60 per cent since its most recent peak in mid-December of 215p per share.
Finablr, whose business spans over 170 countries, processed nearly $115 billion (Dh422bn) in transactions in 2018.