💰💣

Travelex and Garmin Security Incident

December 2019 - January 2020 (Travelex), July 2020 (Garmin) 2291 days ago Resolved

Incident Overview

Situation Description

The article discusses lessons learned from the ransomware attacks on Travelex and Garmin, highlighting security failures and the impact on their operations.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Other

Geographic Scope

Global

Response Actions

Managed Public Narrative & Crisis Communications Revised Incident Response Plan Conducted Employee Training Hardened Attack Surface

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) Credentials Operational / System Data

Primary Impacts

Operational Disruption Financial Loss Reputational Damage

Key Decisions Made

Create and maintain a comprehensive Business Continuity Plan.; Adopt a data-first approach to cybersecurity, focusing on securing data workflows.; Educate all employees on identifying and handling phishing and social engineering attacks.; Apply software updates and security patches immediately to prevent vulnerabilities.; Communicate clearly and transparently with customers during and after a cyber attack.

Technical Analysis

Attack Method

Unpatched Vulnerability

Threat Actor Attribution

REvil Sodinokibi Evil Corp WastedLocker

Vulnerability / Tool

Pulse Secure VPN

Additional Information

Glossary Lessons to learn from the Travelex & Garmin ransomware attacks 7 min read | 27 Aug 2020 Share on: What is ransomware? For the blissfully unaware, ransomware is a type of cyberattack whereby the attacker encrypts the files on a victims machine or across the network and then demands a ransom before they will be decrypted and access is restored, or so they hope. Sometimes the hacker will even threaten to sell or disclose the stolen data unless a ransom is paid. But regardless of any ransom being paid or not, when an organization falls victim to a successful ransomware attack, the simple fact that the incident occurred in the first place constitutes a major security breach. Ransomware hackers are not limiting themselves to targeting smaller companies. Theyre also successfully attacking established businesses and going after major brands like Travelex and Garmin. The recent attacks on these companies have exposed dangerous gaps in security practices, which with the right processes in place, could have been prevented. What happened during the Travelex and Garmin ransomware attacks? Travelex, a well-known foreign exchange company headquartered in London, was targeted by a sophisticated attack in December 2019 and lasted until the end of January 2020, shutting down their operations completely. The company has explained that the attack came from the REvil ransomware gang who used Sodinokibi ransomware to encrypt the data. The cybercriminals then threatened to auction off the sensitive stolen data on the Dark Web. The public was notified of the data breach a week after the attack happened. It has been suggested that the attack was able to happen because of repeated failures to patch its Pulse Secure VPN servers. The damage to the company was huge. The attackers demanded $6 million to restore access and data, and to stop the sale of the data. It has been reported that Travelex paid the hackers a ransom of $2.3 million to regain access to their data, with other...

... (truncated for display)

Quick Facts

Company:: Travelex and Garmin
Date:: December 2019 - January 2020 (Travelex), July 2020 (Garmin)
Status:: Resolved
Decision Maker:: nan
Position:: nan
Published:: 27/08/2020

Source Information

Original Query

how did "Garmin" recover from "WastedLocker" ransomware attack

View Original Source

Timeline

Information Published

27/08/2020

Incident Occurred

December 2019 - January 2020 (Travelex), July 2020 (Garmin) (2291 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats