September 16, 2024 at 07:39AM
The Port of Seattle confirmed a ransomware cyberattack in August, causing outages and disruptions to various services at the SEA Airport and other facilities. While most affected systems have been restored, the Port’s external website and internal portals remain offline. Stolen data is being assessed, with the potential for public release, as the Port refuses to pay the ransom.
Based on the meeting notes, here are the key takeaways:
– The Port of Seattle, which operates the Seattle-Tacoma International Airport (SEA Airport), experienced a ransomware cyberattack causing days-long outages.
– The attack affected various services, including passenger display boards, Wi-Fi, check-in kiosks, ticketing, baggage, reserved parking, the flySEA application, and the Port of Seattle website.
– The Port has restored most of the affected systems within a week after the attack, but the external website and internal portals remain offline.
– Some data was encrypted and stolen during the attack, and the Rhysida ransomware gang was identified as responsible.
– The Port has refused to pay the ransom, and the possibility of the stolen data being leaked online is a concern for the organization.
– The Port is in the process of assessing the data that was taken and is committed to notifying potentially impacted stakeholders.
Additionally, the meeting notes contain related information about ransomware attacks in other organizations, indicating a wider issue with ransomware cybersecurity threats.