Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Port of Seattle confirms recent cyberattack was ransomware assault

A person's fingers type at a keyboard, with a digital security screen with a lock on it overlaid.

The cyber-incident that hit the Port of Seattle in late August 2024 was a ransomware attack, the company has confirmed.

In a press release, the organization also shared a few additional details that were uncovered in the investigation, with affiliates of the Rhysida ransomware group blamed for the attack.

"This incident was a "ransomware" attack by the criminal organization known as Rhysida," the company noted. "There has been no new unauthorized activity on Port systems since that day. It remains safe to travel from Seattle-Tacoma International Airport and use the Port of Seattle's maritime facilities."

No payment

To put things into context - the United States government agency overseeing Seattle's seaport and airport, Port of Seattle, reported on August 24, 2024 that it suffered a cyberattack that forced it to push parts of its infrastructure offline. At the time, it did not share many details, other than it was working diligently to restore its services.

Ransomware attackers usually steal sensitive data from their victims, and then demand payment in exchange for keeping it private. The same thing happened here, but so far the company doesn’t know what was taken.

"Our investigation has determined that the unauthorized actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data,” the PR further explains. “Our investigation of what data the actor took is ongoing, but it does appear that some Port data was obtained by the actor in mid-to-late August. Assessment of the data taken is complex and takes time, but we are committed to these efforts and notifying potentially impacted stakeholders as appropriate.”

The organization said it refused to pay the ransom demand, which could result in the data leaking on the dark web. At press time, that doesn’t seem to have happened.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.