Travelex said it had taken down its site to contain a malware attack that began New Year’s Eve.
The international foreign currency exchange said it took systems offline “as a precautionary measure in order to protect data” and to stop the spread of the attack. There is no timeline for when the Travelex website will be restored.
The company said it discovered a software virus but that its network of branches was still providing foreign exchange services manually.
Travelex did not elaborate on the specifics of the malware attack, citing an ongoing forensic investigation. It said there was no indication that personal data or customer data had been compromised.
“We have deployed teams of IT specialists and external cybersecurity experts who have been working continuously since New Year’s Eve to isolate the virus and restore affected systems,” the company said.
The Travelex platform is used by banks to provide online banking services to travelers. Sainsbury’s Bank, Barclays, and HSBC were among the banks affected indirectly by the attack.
“Unfortunately, our online travel money service is currently unavailable due to a service issue with third-party service provider, Travelex,” said a spokesperson for First Direct, which is owned by HSBC.
A spokesperson for Sainsbury’s told the BBC the company was, “in close contact with Travelex so that we can resume our online service as soon as possible.”
“We regret having to suspend some of our services in order to contain the virus and protect data,” Travelex chief executive officer Tony D’Souza said.
In 2018, thousands of Tesco Bank customers had personal information leaked after Travelex mistakenly shared a customer database.
London-based Travelex operates more than 1,500 stores around the world and processes more than 5,000 currency transactions per hour.
Jeff Greenberg/Universal Images Group via Getty Images