Port of Seattle Launched statement Microsoft confirmed on Friday that it had been hit by a ransomware attack.
The attack occurred on August 24, and the port (which also operates Seattle-Tacoma International Airport) said it “experienced certain system outages that indicate a possible cyber attack.”
Now, the port is describing the attack as a “ransomware attack by the criminal organization known as Rhysida.” (The group was also responsible for last year’s cyberattack on the British Library.) If the port refuses to pay the ransom, Rhysida may respond by “publishing the data it claims to have stolen on its dark web site.”
“Our investigation into the data stolen by the perpetrator is ongoing, but it appears that the perpetrator obtained some port data in mid- to late August,” the port said, adding that it would notify employees or passengers if it learned any of their information had been stolen.
TechCrunch’s Devin Koldewey visited the airport by plane a few days after the attack, where he saw for himself that many of the airport’s systems were still down.