Port of Seattle says cyber attack compromised the data of 90,000 customers

The Port of Seattle said that a disruptive data security incident it suffered last year compromised the sensitive personal information of about 90,000 individuals.

 

On August 24, 2024, the Port of Seattle, which operates the city’s airport and seaport, said it experienced a major cyber attack which was had a massive effect on the Seattle-Tacoma International Airport, causing widespread delays and a temporary halt to critical operations.

 

“Virtually all airlines are back to full service for ticketing and baggage management. Few flight delays or disruptions are occurring beyond a typical busy holiday volume period,” the port later said. “That continues to be the main priority to get passengers to and from their travels safely. TSA wait times are minimal while dining and retail locations are operating normally.”

 

The port added that its investigation has revealed that the Rhysida ransomware group was responsible for infiltrating its internal network.

 

“Our investigation has determined that the unauthorised actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data. 

 

“We took steps to block further activities including disconnecting our systems from the internet, but unfortunately, the encryption and our response actions hindered some port services including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app, and reserved parking,” the port said.

 

In a recent press release, the Port said that it has identified approximately 90,000 individuals impacted by the incident and has started sending notification letters to them. The compromised data includes names, dates of birth, Social Security numbers (or last four digits of Social Security number), driver’s license or other government identification card numbers, and medical information.

 

“The Port has completed its investigation and is sending approximately 90,000 individual notifications to affected individuals with an available mailing address. Approximately 71,000 individuals affected live in Washington state,” reads the notice. The Port has also offered complimentary identity protection and credit monitoring services to all the affected individuals.