Hackers have demanded $6 million in bitcoin from the operator of Seattle-Tacoma International Airport for documents stolen during a cyberattack last month and posted on the dark web this week. The Port of Seattle, which owns and operates the airport, has chosen not to pay the ransom. The attack was attributed to a ransomware gang known as Rhysida, and the FBI is now conducting a criminal investigation into the matter.
The airport's managing director of aviation, revealed that while the attack seems to have been halted, some data was encrypted by the hackers. The cybercriminals posted eight stolen files from Port systems on their dark website and are requesting 100 bitcoin in exchange for the data. The specific contents of the documents were not disclosed, but the airport has committed to notifying any individuals whose personal information may have been compromised.
Port officials have emphasized that paying the ransom would not be a prudent use of taxpayer funds. The airport is currently in the process of recovering from the attack, which commenced on August 24, just a week before the Labor Day holiday weekend. Although flights were able to continue operating, the attack caused disruptions to ticketing, check-in kiosks, and baggage handling. Passengers on smaller airlines were required to use paper boarding passes during this period.
Notably, the mayor of Columbus, Ohio, previously attributed a data breach in the city's systems to the same Rhysida ransomware gang. The mayor indicated that the stolen data was of minimal value, and no ransom demand was received by the city in that instance.
