Travelex says some in-store systems are back up and running after ransomware attack

Travelex says it has restored more of its customer-facing systems following a ransomware attack which hit the currency exchange service on New Year's Eve.

Following tests, some in-branch systems used by staff in Travelex stores and their partner companies in the UK have been restored, while the company says it expects to begin testing in-branch services in stores outside the UK 'this week'.

It marks part of what the company describes as "the phased restoration" of systems across the globe. However, at the time of writing, the main Travelex website remains down, 18 days on from the initial attack using the Sodinokibi ransomware.

SEE:  A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)  

The malware – also known as REvil – caused the widespread encryption of files on the corporate network and at least some customer data has been encrypted by the ransomware, although the company maintains that none of this data has been stolen as a result of attack.

"We are undertaking extensive forensic analyses with our expert advisers and the investigation is ongoing. To date there is no evidence that any data has left the organisation," said a statement in a customer FAQ about the incident.

The customer information hub – which went live today – also features a video message from Travelex CEO Alex D'Souza.

"We don't just want to get back to business as usual. We want to build a better stronger business, which gives you full confidence in the integrity and resilience of our technology," he said, although he didn't detail how the company will go about doing this.

"I would like to thank our partners and customers for supporting us and confirm we will continue to restore systems as quickly as possible," D'Souza added.

Authorities including the Metropolitan Police and the National Cyber Security Centre (NCSC) have been informed about the ransomware attack and the latter has issued a reminder on how organisations can attempt to protect themselves against falling victim to a ransomware attack.

More on ransomware and cybersecurity

• 30 years of ransomware: How one bizarre attack laid the foundations for the malware taking over the world
• US mayors resolve not to pay hackers over ransomware attacks CNET
• Ransomware: 11 steps you should take to protect against disaster
• Ransomware attacks on businesses up 365% this year TechRepublic
• Ransomware: Why we're still losing the fight – and the changes you need to make, before it's too late