London-listed, Abu Dhabi-based payments firm Finablr PLC expects no material financial impact after its U.K.-based foreign exchange subsidiary brand Travelex was hit by a software virus at the end of 2019, the company said Jan. 8 in a statement.
Travelex, which has taken its systems offline to prevent the virus from spreading further across its network, said the virus is ransomware called Sodinokibi — also known as REvil.
BBC News reported Jan. 7 that a gang bearing the same name as the ransomware, Sodinokibi, took responsibility for the attack and is demanding a ransom of $6 million in exchange for restoring the company's network.
The gang claims they have downloaded customers' sensitive data, including credit card information and national insurance numbers, after previously gaining access to Travelex's network, according to the report.
Travelex, for its part, said it found no evidence that structured personal customer data has been encrypted and that there was no evidence of any data being exfiltrated.
The company is working with IT specialists and external cybersecurity experts to deal with the affected systems and said it has successfully contained the virus and is currently moving to restore its systems. It added that some internal systems are already operating normally.
Travelex noted that it is discussing the attack with the U.K. National Crime Agency and the Metropolitan Police, both of which are carrying out their own criminal investigations, as well as other regulators across the world.
Finablr, meanwhile, reaffirmed that its six other brands have not been affected by the attack and are operating normally.