Exploit: Ransomware
Travelex: Foreign exchange company
Risk to Small Business: 1.703 = Severe
Hackers stole and encrypted company data, and they are threatening to publish the information if Travelex doesn’t pay a significant ransom. The attack was first reported by hackers in January when they indicated to media sources that they copied and encrypted 5GB of personal data. Ultimately, the attack has cost Travelex more than $2 million. Hackers exploited a flaw in VPN software to gain access to the network, and cybersecurity researchers believe that hackers had access to the company’s network well before they encrypted its data.
Individual Risk: 2.711 = Moderate
While it’s unclear what specific data categories were accessible to hackers, stealing and publishing personal data is one of the latest threats to accompany a ransomware attack. Travelex customers should be vigilant to monitor their accounts for unusual activity and their incoming messages for signs of phishing scams.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are incredibly costly, and their repercussions can reverberate through companies for years. Protecting against potential vulnerabilities that give hackers a foothold must be a top priority for companies looking to succeed in a digital environment where a ransomware attack is always a possibility.
Source: https://www.ciodive.com/news/travelex-ransom-breach-investigation/575842/