Adrian Johnson
TLDR:
- A ransomware attack by Rhysida group caused widespread outages at the Port of Seattle.
- Port officials refused to pay the ransom, leading to data theft threats.
Port of Seattle officials pin attack, data theft to Rhysida ransomware group
Port of Seattle officials have identified the Rhysida ransomware group as responsible for a recent ransomware attack that caused widespread outages across multiple systems. The attack disrupted services such as baggage handling, check-in kiosks, ticketing, Wi-Fi, flight display screens, and websites. Despite most systems being restored, certain portals and the airport’s mobile app remain non-operational. The refusal to pay the ransom led to threats of data leaks, as the group claimed to have stolen data and warned of posting it on the dark web.
Port officials emphasized their commitment to not paying the perpetrators behind the cyberattack, citing their values and responsibility as stewards of taxpayer dollars. An ongoing investigation is determining the extent of data stolen, and potentially impacted individuals will be notified once assessments are complete. The incident highlights the challenges faced by critical infrastructure providers post-security breach and the importance of building resilience for future incidents. Collaboration with cybersecurity agencies is underway to strengthen security measures and protect sensitive information.
