September 17, 2024 at 12:55PM
Ransomware group Rhysida claims to have stolen over 3 TB of data from Port of Seattle, including personal information, and is auctioning it for 100 Bitcoin. The Port confirmed the ransomware attack and its refusal to pay the ransom. While services are being restored, the timeline for full recovery remains uncertain.
From the meeting notes, it is clear that Rhysida, a criminal organization, has claimed to possess stolen data from the Port of Seattle and is seeking to sell it for 100 Bitcoin, valued at around $5.9 million. The data includes sensitive personal information such as social security numbers, dates of birth, addresses, and passport scans. Rhysida has also asserted that they have internal login credentials of the seaport agency’s employees and other personal data on staff and civilians.
The Port of Seattle confirmed that it was indeed the victim of a ransomware attack by Rhysida. The Port has refused to pay the ransom and stated that there has been no new unauthorized activity on its systems since the attack day. However, Rhysida claims that the Port made a $750,000 payment offer for the stolen data, which contradicts the Port’s statement. The Port affirms that the seaport and Seattle-Tacoma International Airport (SEA) are safe to use, but some services remain down.
The Port is working on restoring its systems and aims to enhance its security posture to prevent such incidents in the future. The Port is focused on the safe and secure restoration of systems, with a commitment to providing regular updates.
Overall, the meeting notes provide a comprehensive overview of the ransomware attack on the Port of Seattle by the criminal organization Rhysida and the subsequent response and actions taken by the Port in addressing the situation.