The Port of Seattle released a statement on Friday acknowledging that it had been targeted in a ransomware attack.
The attack occurred on August 24, and the Port Authority, which also runs Seattle-Tacoma International Airport, said in a statement that it “experienced certain systems failures indicating a possible cyber attack.”
The Port Authority is now describing this as a “ransomware” attack by a criminal organisation known as Rhysida. (The group is also believed to be behind last year's cyberattack on the British Library.) As the Port Authority has refused to pay the ransom, Rhysida “may retaliate by posting the data it claims to have stolen on a dark web site.”
“We are still investigating what data the perpetrators stole, but it appears some of the port's data was obtained by the perpetrators sometime in mid- to late August,” the port said, adding that it would notify employees or passengers if any information was found to have been stolen.
TechCrunch's Devin Coldewey flew through the airport a few days after the attack and saw that many airport systems were still down.