Hackers are demanding a ransom from Travelex in return for giving the foreign exchange bureau back control of its IT systems and customer data.
On New Year's Eve, Travelex was forced to pull the plug on its websites in 30 countries after discovering a software virus infection.
In a statement, the Metropolitan Police has now confirmed that hackers behind the attack are demanding payment. A deadline is believed to have been set.
Says the Met: "On Thursday, 2 January, the Met's Cyber Crime Team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Enquiries into the circumstances are ongoing."
The hackers are believed to be demanding a $3 million payout to restore services.
The outage has had a domino effect at banks which rely on the Travelex service, including Tesco Bank, HSBC, Barclays and Virgin Money.
Travelex has come under fire for its response to the hack. The firm's website still has a notice telling customers that it is down due to "planned maintenance". Meanwhile no email on the situation has been sent to customers, although questions are being answered on social media.
With the outage ongoing, the firm says that its network of branches continues to provide foreign currency services, albeit manually.