​Port of Seattle, the U.S. authorities company overseeing Seattle’s seaport and airport, is notifying roughly 90,000 people of a knowledge breach after their private info was stolen in an August 2024 ransomware assault.
The company disclosed the assault on August 24, saying the ensuing IT outage disrupted a number of providers and programs, together with reservation check-in programs, passenger show boards, the Port of Seattle web site, the flySEA app, and delayed flights at Seattle-Tacoma Worldwide Airport.
Three weeks after the preliminary disclosure, the Port confirmed that the Rhysida ransomware operation was behind the August 2024 breach.
After the incident, the Port additionally determined to not give in to the cybercriminals’ calls for to pay for a decryptor though they threatened to publish stolen information on their darkish net leak website.
“We’ve got refused to pay the ransom demanded, and in consequence, the actor might reply by posting information they declare to have stolen on their darkweb website,” the Port of Seattle mentioned on September 13, 2024.
“Our investigation of what information the actor took is ongoing, however it does seem that some Port information was obtained by the actor in mid-to-late August. Evaluation of the information taken is advanced and takes time.”
​Information breach impacts roughly 90,000 individuals
On Thursday, April 3, 2025, the Port introduced that it is now sending roughly 90,000 notification letters to people impacted by the ensuing information breach who had a mailing tackle. In keeping with the company, roughly 71,000 of these affected by this information breach are from Washington state.
In keeping with a copy of the breach notification letters, the attackers stole worker, contractor, and parking information in numerous mixtures, together with names, dates of start, Social Safety numbers (or final 4 digits of Social Safety quantity), driver’s license or different authorities identification card numbers, and a few medical info.
The Port additionally mentioned that it shops “little or no info” on airport or maritime passengers and that its cost processing programs had been unaffected by the assault.
“At no level did this incident have an effect on the power to securely journey to or from SEA Airport or use the Port’s maritime amenities,” the Port added this week. “The proprietary programs of main airline and cruise companions weren’t affected, nor had been the programs of federal companions just like the Federal Aviation Administration, Transportation Safety Administration, and U.S. Customs and Border Safety.”
Rhysida, the ransomware-as-a-service (RaaS) operation behind the Port of Seattle assault, surfaced in Might 2023 and shortly gained notoriety after breaching the British Library, the Chilean Military (EjĂ©rcito de Chile), the Metropolis of Columbus, Ohio, Sony subsidiary Insomniac Video games, and MarineMax (the world’s largest leisure boat and yacht retailer).
Its associates additionally breached Singing River Well being System, which warned virtually 900,000 individuals that their private and well being info had been stolen in an August 2023 Rhysida ransomware assault.
Based mostly on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK strategies behind 93% of assaults and the best way to defend in opposition to them.
