On Tuesday 31st December, we detected a malware. Upon discovery, the crisis management team immediately began an investigation and, as a precautionary measure, took all our systems offline to prevent the spread of the malware further across our network.
Despite this, the majority of our business did in fact remain operational through our retail outlets, working manually rather than through our central systems. Our stores around the world have been open for business, serving customers, and our ATMs have been working normally.
We are making good progress with our technology recovery. Initially our focus was on restoration of internal and order processing systems; following which we have made good progress restoring customer-facing systems.
Having discovered the malware, we have been working with external cyber experts who are undertaking extensive investigations and analyses. You will understand that this is a matter under investigation. We are working with the relevant authorities and cannot comment any further at this stage.
We are making good progress with our technology recovery. Initially our focus was on restoration of internal and order processing systems; following which we have made good progress restoring customer-facing systems. For specific updates please see our updates here.
We have taken a phased approach to ensure the integrity and security of our systems and therefore certain limitations will be in place as we move towards restoring full functionality across the entire Travelex estate.
Since January 1, we have continued to provide services to customers in-store and have provided interim customer solutions for our Travelex Money Cards. The following services are now operational:
Our priority throughout our recovery is to ensure that systems are brought back up in a controlled, secure and managed way and to make sure that you receive clear updates on progress.
We are undertaking extensive forensic analyses with our expert advisers and the investigation is ongoing. To date there is no evidence that any data has left the organisation. The protection of our customer and partner data remains our priority and has been since we first discovered the attack.
We have been providing refunds to customers and encourage customers to get in touch to discuss their specific situation. Our 24/7 global customer support desks are fully operational to offer advice, workarounds and to discuss any customer concerns.
We have proactively reached out to customers where we identified that we were unable to complete a home delivery for their click and collect order, or they were unable to collect their order from one of our branches.
Please see this page or your local Travelex website for customer contact details.
Based on the public attention this incident has received, fraudsters may try to take advantage of it and attempt some common e-mail or telephone scams. Increased awareness and vigilance are key to detecting and preventing this type of activity. As a precaution, if you receive a call from someone claiming to be from Travelex that you are not expecting or you are unsure about the identity of a caller, you should end the call and call back using your local Travelex customer service number. You can find those on our local websites and we have put them on this Customer Information Hub too.