Port of Seattle releases details of ransomware attack

The Port of Seattle released a statement on Friday confirming it was the target of a ransomware attack.

The attack occurred on August 24. The port (which also operates Seattle-Tacoma International Airport) said there were “certain system outages that indicated a possible cyberattack.”

The port now describes this as “a ransomware attack by the criminal organization Rhysida.” (The group was also apparently responsible for the cyberattack on the British Library last year.) With the port refusing to pay the ransom, “Rhysida may respond by publishing data it claims to have stolen on its darknet site.”

“Our investigation into what data the perpetrator stole is ongoing, but it appears that the perpetrator stole some port data in mid- to late August,” the port said, adding that it would notify employees or passengers if it learned their information had been stolen.

TechCrunch's Devin Coldewey actually flew over the airport a few days after the attack and saw firsthand that many airport systems were still down.