Posted on September 18, 2024
The Port of Seattle has confirmed that system outages in August were caused by a ransomware cyberattack by hacker group Rhysida.
The attack on August 24 took down the port’s systems for its maritime operations and Seattle-Tacoma International Airport, delaying flight check-ins at the airport and causing scores of travelers to miss their flights. In an update sent out on September 13, the Port of Seattle — which operates the airport— said that the port refused to pay the ransom demand to the group. Rhysida is believed to be behind similar previous cyberattacks against the British Library and Insomniac Games as well.
“Paying the criminal organization would not reflect port values or our pledge to be a good steward of taxpayer dollars,” Port of Seattle executive director Steve Metruck said. “Following our response efforts, we also commit to using this experience to strengthen our security and operations, as well as sharing information to help protect businesses, critical infrastructure and the public.”
The port said that it believes that its data was acquired by the hacker group sometime in mid-to-late August, but it is unclear whether Rhysida has any personal employee or traveler information. In the meantime, the port is still working on fully restoring all of its systems, but does not currently have a timeline for when that process might finish.