The foreign currency specialist Travelex has been forced to take its websites offline following a cyber-attack.

The group said it immediately took down its online systems to protect data and prevent the software virus spreading after discovering the attack on New Year’s Eve.

It added that its investigations so far suggested no personal or customer data had been compromised.

The incident comes just as many people are preparing to head off for an early new-year getaway.

Some observers pointed out on Twitter that, prior to news of the virus emerging, Travelex had posted messages on some of its websites claiming the reason services were unavailable was “due to planned maintenance”.

The company said that at present it was unable to perform transactions on the website or through the app. At the time of writing, online ordering of travel money was among the services that were down.

As well as affecting the company’s operations in the UK, the incident has caused problems for Travelex customers in other countries, including the US, Australia and France, with many taking to Twitter to try to find out what is happening. Some had placed orders for currency, which they were still waiting for.

The incident has also affected other companies whose travel money services are provided by Travelex. Tesco Bank and Asda were among the companies whose sites stated that their online travel money services were unavailable.

Travelex has been forced to provide foreign exchange services manually in its branches. It has drafted in IT specialists and external cyber security experts to isolate the virus and get affected systems back online.

Tony D‘Souza, Travelex’s chief executive, said: “We regret having to suspend some of our services in order to contain the virus and protect data.

“We apologise to all our customers for any inconvenience caused as a result. We are doing all we can to restore our full services as soon as possible.”

The company added: “Our investigation to date shows no indication that any personal or customer data has been compromised. We’ve deployed teams of IT specialists and external cyber security experts who’ve been working continuously since New Year’s Eve to isolate the virus and restore the systems.”

Travelex was at the centre of an IT crisis nearly two years ago, when it mistakenly leaked data on thousands of customers of partner Tesco Bank. The consumer organisation Which? said sensitive information about Tesco Bank travel-money customers – including full names, dates of birth, addresses, phone numbers and partial payment-card information – was exposed. Just under 17,000 people were affected in the March 2018 incident. Which? said at the time that Travelex had “ruled out a cyber-attack”.

Based in London, Travelex has more than 1,200 branches worldwide. The group – founded in 1976 – is owned by the global payments platform Finablr, which is listed on the London stock exchange but based in the United Arab Emirates.

