Travelex, a foreign currency exchange specialist and issuer of Air New Zealand’s OneSmart card, has taken all of its websites offline as it deals with a ransom demand from hackers who have stolen customer data.
Joe Tidy, cyber security report at BBC, confirmed that “ransomware” gang Sodinokibi infiltrated the company’s systems with malware and acquired around five gigabytes of customer data, including private information such as credit card information. The company has had to resort to pen and paper while it’s still dealing with the US$6 million demand from the gang.
A spokeswoman for Air NZ offered assurances that the airline and its customers were not affected by the cyberattack.
“OneSmart does not use the Travelex foreign exchange services affected by the attack so Onesmart cardholders are not impacted,” the spokeswoman said, as reported by NZ Herald. “We have received confirmation from our OneSmart programme manager Mastercard that this attack will not compromise OneSmart in any way and Onesmart customers do not need to take any action.”
Daniel Johns, head of services at Australian information and communication technology company ASI Solutions, warned last year that “ransomware attacks most often succeed through very sophisticated phishing techniques.”
“For example, when someone clicks on something they shouldn’t and the malware infiltrates their contact list – the attackers then use those credentials to exploit further,” Johns explained. “A proactive approach to cybersecurity, including user awareness and training, is vital. As SMBs continue to be heavily targeted by ransomware, we’ll continue to work directly with our clients to help reduce the risk and impact of an attack, should it occur.”
