Ransomware

Travelex REvil Ransomware via Unpatched Pulse Secure VPN (Company Collapse)

📅 2019-12-31 🏢 Pulse Secure VPN 🦠 REvil (Sodinokibi) ransomware 🔎 CVE-2019-11510
Primary Source ↗

Incident Details

On New Year's Eve 2019, REvil (Sodinokibi) operators encrypted Travelex's systems after gaining initial access through CVE-2019-11510, an unauthenticated arbitrary file read in the company's unpatched Pulse Secure VPN appliances. Travelex, the world's largest retail foreign exchange company (operating in 70 countries, with kiosks in major airports), took all of its systems offline on 2 January 2020 after detecting the ransomware. For weeks, staff at airport kiosks and retail locations worldwide could only exchange currency manually, with pen and paper. UK bank partners including Lloyds Bank, Barclays, Royal Bank of Scotland and HSBC, whose online currency services ran on Travelex's platform, had those services disrupted. REvil demanded a $6 million ransom; Travelex reportedly paid approximately $2.3 million after negotiation. Paying the ransom and decrypting its systems did not undo the damage already done. Combined with the collapse in travel caused by COVID-19 later that year, Travelex entered administration (the UK insolvency process) in August 2020, with the ransomware attack cited as a contributing factor. The attack became the landmark case of CVE-2019-11510 exploitation and of the business consequences of leaving a critical VPN vulnerability unpatched for months.

Technical Details

Initial Attack Vector
REvil (Sodinokibi) affiliates exploited CVE-2019-11510, a pre-authentication path traversal in the Pulse Connect Secure web interface that lets an unauthenticated remote attacker read arbitrary files from the appliance, including the session cache that stores plaintext VPN credentials; those credentials can then be replayed to log in as a legitimate user. The patch (Pulse Secure advisory SA44101) had been available since April 2019, and Travelex's exposed servers had been reported to the company as unpatched in September 2019.
Vendor / Product
Pulse Secure VPN
Malware Family
REvil (Sodinokibi) ransomware
CVE / GHSA References
CVE-2019-11510
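The two checks a defender would want for this incident are whether an appliance is on a vulnerable build and whether its web logs show the traversal request that pulls files such as the credential cache. The following is an added example, not code from the original page or from Pulse Secure: it normalises decoded request paths and flags those that resolve to sensitive appliance files, and it compares a version string against the first fixed build per branch as listed in advisory SA44101. The log lines are constructed in an Apache-style format for illustration (the appliance's own log format differs), and the fixed-version table should be re-verified against the vendor advisory before use.

```python
"""CVE-2019-11510 (Pulse Connect Secure) detection helpers.

Added example; not the original page's or the vendor's code. Sample log lines
are constructed; the fixed versions are taken from advisory SA44101.
"""
import re
from posixpath import normpath
from urllib.parse import unquote

# Appliance files attackers read via the traversal; the LMDB cache held
# plaintext credentials for active sessions.
SENSITIVE_TARGETS = (
    "/etc/passwd",
    "/etc/hosts",
    "/data/runtime/mtmp/lmdb/dataa/data.mdb",
    "/data/runtime/mtmp/system",
)

# First fixed build per affected branch (Pulse Secure advisory SA44101).
FIXED_VERSIONS = {
    (9, 0): (9, 0, 3, 4),
    (8, 3): (8, 3, 7, 1),
    (8, 2): (8, 2, 12, 1),
    (8, 1): (8, 1, 15, 1),
}

# Constructed Apache-style access log: one normal login, the classic traversal
# request, a pull of the credential cache, and a percent-encoded variant.
SAMPLE_LOG = """\
198.51.100.7 - - [31/Dec/2019:22:14:03 +0000] "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1" 200 5123
198.51.100.7 - - [31/Dec/2019:22:14:09 +0000] "GET /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1" 200 1744
198.51.100.7 - - [31/Dec/2019:22:14:15 +0000] "GET /dana-na/../dana/html5acc/guacamole/../../../../../../data/runtime/mtmp/lmdb/dataa/data.mdb?/dana/html5acc/guacamole/ HTTP/1.1" 200 1048576
203.0.113.5 - - [31/Dec/2019:22:15:01 +0000] "GET /dana-na/auth/url_default/login.cgi HTTP/1.1" 200 4210
203.0.113.5 - - [31/Dec/2019:22:15:40 +0000] "GET /dana-na/../dana/html5acc/guacamole/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts?/dana/html5acc/guacamole/ HTTP/1.1" 200 200
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?")


def classify_request(raw_path):
    """Return None for a benign path, or a reason string for suspected traversal."""
    # Decode twice so %2e%2e and double-encoded %252e%252e both become '..'.
    decoded = unquote(unquote(raw_path.split("?", 1)[0]))
    if ".." not in decoded.split("/"):
        return None
    resolved = normpath(decoded)  # collapses '..'; never climbs above '/'
    for target in SENSITIVE_TARGETS:
        if resolved == target or resolved.startswith(target + "/"):
            return f"traversal to {target}"
    # Any '..' that escapes the appliance's /dana* web roots is still suspect.
    if not resolved.startswith("/dana"):
        return f"traversal out of web root to {resolved}"
    return None


def scan_log(text):
    """Parse access-log lines and return (ip, status, reason) for each hit."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        reason = classify_request(m["path"])
        if reason:
            hits.append((m["ip"], m["status"], reason))
    return hits


def parse_version(s):
    """'9.0R3.4' -> (9, 0, 3, 4); a missing trailing component counts as 0."""
    m = VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised Pulse Connect Secure version: {s!r}")
    major, minor, rel, sub = m.groups()
    return (int(major), int(minor), int(rel), int(sub or 0))


def is_vulnerable_version(s):
    """True if the build predates the fix for its branch per SA44101."""
    v = parse_version(s)
    fixed = FIXED_VERSIONS.get(v[:2])
    if fixed is None:
        return False  # branch not in the advisory's affected list; check support status separately
    return v < fixed


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
    print("8.3R7 vulnerable:", is_vulnerable_version("8.3R7"))
```

Note that a 200 status on the traversal request is what matters: the appliance served the file, so any credentials in the cache at that moment should be treated as compromised and rotated, not merely the appliance patched.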

Timeline

  1. 2019-12-31 Breach occurred
  2. 2020-01-02 Publicly disclosed
  3. 2020-01-17 Customers notified