The Port of Seattle released a statement confirming it had been hit by a ransomware attack on Friday.
The attack occurred on August 24, and the port (which also operates Seattle-Tacoma International Airport) said it “experienced specific system outages indicating a possible cyberattack.”
Port is now describing it as a “‘ransomware’ attack by a criminal group called Rhysida” (the same group also believed to be responsible for the cyberattack on the British Library last year). If Port refuses to pay the ransom, Rhysida “may respond by publishing the data they claim to have stolen on a dark web site.”
“While an investigation is ongoing into what data the attackers may have stolen, some port data appears to have been collected by the attackers in mid- to late-August,” the port said, adding that it would notify employees or passengers if it becomes aware that their information had been stolen.
TechCrunch’s Devin Koldway actually visited the airport a few days after the attack and saw firsthand that many airport systems were still not working.
