Foreign currency-exchange giant Travelex was attacked on New Year’s Eve. Travelex websites in at least 20 countries went offline, leaving customers and banking partners stranded without its services. The criminals behind the attack are demanding a six-figure sum in return for the decryption key. The attack could have been successful in part because Travelex took several months to patch critical vulnerabilities in its Pulse Secure VPN servers, according to Bad Packets. Travelex issued a statement this week that it has seen the Sodinokibi ransomware being delivered via a payment website.
Source: https://threatpost.com/sodinokibi-ransomware-travelex-fiasco/151600/