SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Port of Seattle Says 90,000 People Impacted by Ransomware Attack

The Port of Seattle says the personal information of 90,000 individuals was stolen in an August 2024 ransomware attack.
Port of Seattle ransomware

The Port of Seattle is notifying 90,000 individuals that their personal information was compromised in an August 2024 data breach resulting from a ransomware attack.

The incident occurred on August 24 and forced the Port to isolate critical systems, which impacted the Seattle-Tacoma International Airport (SEA Airport), Fishermen’s Terminal, and public marinas it operates.

In mid-September, the Port confirmed that ransomware was used in the attack, blaming the Rhysida group for the intrusion and announcing that it refused to pay a ransom. The threat actor was demanding a $6 million ransom to be paid.

Rhysida added the Port to its Tor-based website a couple of days later, claiming the theft of over 3 Tb of data that was offered for auction. The ransomware group has since made some of the data available publicly.

On April 3, the Port revealed that personal information such as names, dates of birth, Social Security numbers, driver’s license numbers, other government ID numbers, and medical information was stolen in the attack.

“The threat actors accessed and downloaded some personal information from Port systems, primarily legacy ones used for employee, contractor, and parking data. The Port holds very little information about airport or maritime passengers, and systems processing payments were not affected,” the Port said.

According to the Port, 90,000 individuals were affected, most of which are “current and former Port and other airport employees and contractors. Roughly 71,000 of the impacted people live in Washington state.

The Port is providing the impacted individuals with one year of free credit monitoring and identity theft protection services.

Advertisement. Scroll to continue reading.

It also underlines that the incident did not affect the proprietary systems of airlines, cruise, and federal partners, and that the attack did not “affect the ability to safely travel to or from Seattle-Tacoma International Airport or safely use the Port’s maritime facilities”.

Related: State Bar of Texas Says Personal Information Stolen in Ransomware Attack

Related: Hunters International Ransomware Gang Rebranding, Shifting Focus

Related: Ransomware Group Takes Credit for National Presto Industries Attack

Related: Russian Espionage Group Using Ransomware in Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Threat Detection and Incident Response Summit
May 21, 2025

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Webinar: Which Security Testing Approach is Right for You?
March 25, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

David Currie, former CISO of Nubank and Klarna, has been appointed CEO of Vaultree.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.