Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Marine Services Provider Swire Pacific Offshore Discloses Data Breach

Singapore-based marine services provider Swire Pacific Offshore (SPO) disclosed a cybersecurity incident that resulted in the loss of commercial and personal data.

In an announcement published over the U.S. Thanksgiving holiday weekend, the company revealed that a third-party was able to access some of its systems without authorization.

Singapore-based marine services provider Swire Pacific Offshore (SPO) disclosed a cybersecurity incident that resulted in the loss of commercial and personal data.

In an announcement published over the U.S. Thanksgiving holiday weekend, the company revealed that a third-party was able to access some of its systems without authorization.

“The unauthorized access has resulted in the loss of some confidential proprietary commercial information and has resulted in the loss of some personal data. The cyberattack has not materially affected SPO’s global operations,” the company said in a statement.

SPO also announced that it has reported the incident to the authorities and that it started the process of notifying the affected parties.

The company also said it took steps to improve its security, to better protect customers and staff, and to mitigate the impact of the incident, but provided no further details on the type of cyberattack that it suffered.

However, SPO’s announcement suggests that the threat actor attempted to extort the company, which indicates that ransomware might have been used in the attack.

[ READ: Six Arrested for Roles in Clop Ransomware Operation ]

“[SPO] takes a serious view of any cyberattack or illegal accessing of data or any unlawful action that potentially compromises the privacy or confidentiality of data, and will not be threatened by such actions,” the company added.

Advertisement. Scroll to continue reading.

The cybercriminals behind the Clop ransomware operation have already claimed responsibility for the attack, and also published on their Tor leaks website a large amount of data allegedly stolen from SPO.

Over 56 archives publishedappear to contain personal data of SPO employees, including ID cards and passport scans, email addresses, bank account numbers, and phone numbers, along with internal login details.

Operating in 18 countries, the company has a fleet of over 50 offshore support vessels and roughly 2,500 employees, but it’s unclear how many of them might have been affected by the incident.

Just as SPO disclosed, the hackers also appear to have stolen files containing various commercial information, including receipts and other documents.

Related: Ransomware Operators Threaten to Leak 1.5TB of Supernus Pharmaceuticals Data

Related: Six Arrested for Roles in Clop Ransomware Operation

Related: Russian Cybercrime Group Exploits SolarWinds Serv-U Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.