Last checked at 
(Adds details from statement, background)
Jan 17 (Reuters) - Foreign currency provider Travelex said
the first of its customer-facing systems in Britain was up and
running on Friday, more than two weeks after hackers took hold
of its systems, leading to a global blackout of its online
services.
A phased global restoration of systems was "firmly
underway", the company said.
Staff at Travelex were forced to use pen and paper to serve
thousands of customers after ransomware forced the company to
take all its systems offline, causing chaos for New Year
holidaymakers and business travellers seeking online currency
services.
Travelex, owned by Finablr, provides forex services
for customers of HSBC, Barclays, Virgin Money
and the banking arms of British retailers Tesco
and Sainsbury.
It said on Friday that it was restoring in-branch retail
systems in some Travelex and partner stores in the UK and
testing some systems outside the UK this week.
It added that an automated order placement service used by a
number of its British High Street banking partners was live.
"We have started restoring forex order processing
electronically in our UK stores and in some of our UK retail
partner locations, and we are also now starting our VAT refund
service in UK airports," Travelex CEO Tony D'Souza said.
The currency trader said it was in the "advanced stages" of
testing the systems supporting bank note orders and its UK
international money transfer service.
The company, which has a presence in more than 70 countries,
had been forced to serve customers face-to-face at 1,200
locations worldwide.
Travelex had said on Monday that it was restoring operations
to process foreign exchange orders electronically. It has said
then that there was no evidence to suggest that customer data
has been compromised.
The company has said it was working with authorities
including the National Cyber Security Centre and London's
Metropolitan Police. The police have launched a criminal
investigation.
Companies face an increasing threat from ransom-demanding
hackers who cripple technology systems and demand payment to
stop.
Travelex, which had been hit by ransomware called
Sodinokibi, did not say if it had paid a ransom.
(Reporting by Noor Zainab Hussain in Bengaluru; Editing by
Susan Fenton)
