Port of Seattle shares ransomware attack details



The Port of Seattle released a statement Friday confirming that it was targeted by a ransomware attack.

The attack occurred on August 24, with the Port (which also operates the Seattle-Tacoma International Airport) saying it had “experienced certain system outages indicating a possible cyberattack.”

The Port is now describing this as “a ‘ransomware’ attack by the criminal organization known as Rhysida.” (The group was also apparently responsible for last year’s cyberattack on the British Library.) With the Port refusing to pay the ransom, Rhysida “may respond by posting data they claim to have stolen on their darkweb site.”

“Our investigation of what data the actor took is ongoing, but it does appear that some Port data was obtained by the actor in mid-to-late August,” the Port said, adding that it will notify employees or passengers if it learns that any of their information was stolen.

TechCrunch’s Devin Coldewey actually flew through the airport a few days after the attack, where he saw firsthand that many airport systems were still down.




Source