The Sodinokibi Ransomware attackers are pressuring Travelex, a foreign exchange company to pay a 6 million dollar ransom amount or risk going their data public, the attackers warn that they will either release or sell the stolen data that contains users' personal information.
Travelex was attacked on 31st by New Year's Eve ransomware Sodinokibi Ransomware, the operators stole 5 GB un-encrypted data and later encrypted the company's whole network.
The Sodinokibi Ransomware operators in conversation with BleepingComputer stated that they are demanding 3 million dollars ransom or they would release the data containing "DOB SSN CC" and other. The ransom was later doubled to 6 million dollars.
Meanwhile, the exchange company Travelex is still stating that no evidence of any stolen data exists.
In further conversations with BleepingComputer, the operators said even if the company is denying that any data was stolen they are negotiating the ransom price and would benefit even if the ransom is not paid.
"If this were true, they would not bargain with us now. On the other hand, we do not care. We will still benefit if they do not pay. Just the damage to them will be more serious."
And the Sodinokibi operators are right, they would benefit either way if Travelex does pay the ransom and if it doesn't then they'll simply sell the data. As for Travelex, it will inevitably suffer damage - by paying the ransom, public release of data or if the data is sold to other actors.