This incident was a “ransomware” attack by the criminal organization known as Rhysida. The efforts our team took to stop the attack appear to have been successful. There has been no new unauthorized activity on our systems since that day.
— Port of Seattle - ⚓️ (@PortofSeattle) September 13, 2024
Port of Seattle Shares Ransomware Attack Details
The Port of Seattle confirmed on Friday that it was targeted by a ransomware attack. The attack occurred on August 24, with the Port, which also manages Seattle-Tacoma International Airport, reporting system outages indicative of a potential cyberattack.
The Port has identified the incident as a ransomware attack perpetrated by the criminal group Rhysida. This group was also involved in last year’s cyberattack on the British Library. The Port has chosen not to pay the ransom, and Rhysida may respond by posting purportedly stolen data on their dark web site.
The Port stated that its investigation into the data breach is ongoing, noting that some Port data was likely obtained by the attackers in mid-to-late August. The Port will notify employees or passengers if it discovers that any personal information was compromised.