Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Marine Services Provider Swire Pacific Offshore Discloses Data Breach

Singapore-based marine services provider Swire Pacific Offshore (SPO) disclosed a cybersecurity incident that resulted in the loss of commercial and personal data.

In an announcement published over the U.S. Thanksgiving holiday weekend, the company revealed that a third-party was able to access some of its systems without authorization.

Singapore-based marine services provider Swire Pacific Offshore (SPO) disclosed a cybersecurity incident that resulted in the loss of commercial and personal data.

In an announcement published over the U.S. Thanksgiving holiday weekend, the company revealed that a third-party was able to access some of its systems without authorization.

“The unauthorized access has resulted in the loss of some confidential proprietary commercial information and has resulted in the loss of some personal data. The cyberattack has not materially affected SPO’s global operations,” the company said in a statement.

SPO also announced that it has reported the incident to the authorities and that it started the process of notifying the affected parties.

The company also said it took steps to improve its security, to better protect customers and staff, and to mitigate the impact of the incident, but provided no further details on the type of cyberattack that it suffered.

However, SPO’s announcement suggests that the threat actor attempted to extort the company, which indicates that ransomware might have been used in the attack.

[ READ: Six Arrested for Roles in Clop Ransomware Operation ]

“[SPO] takes a serious view of any cyberattack or illegal accessing of data or any unlawful action that potentially compromises the privacy or confidentiality of data, and will not be threatened by such actions,” the company added.

The cybercriminals behind the Clop ransomware operation have already claimed responsibility for the attack, and also published on their Tor leaks website a large amount of data allegedly stolen from SPO.

Over 56 archives publishedappear to contain personal data of SPO employees, including ID cards and passport scans, email addresses, bank account numbers, and phone numbers, along with internal login details.

Operating in 18 countries, the company has a fleet of over 50 offshore support vessels and roughly 2,500 employees, but it’s unclear how many of them might have been affected by the incident.

Just as SPO disclosed, the hackers also appear to have stolen files containing various commercial information, including receipts and other documents.

Related: Ransomware Operators Threaten to Leak 1.5TB of Supernus Pharmaceuticals Data

Related: Six Arrested for Roles in Clop Ransomware Operation

Related: Russian Cybercrime Group Exploits SolarWinds Serv-U Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.