- Port of Seattle sent out notification letters to people affected in the August 2024 ransomware attack
- The letter was sent out to roughly 90,000 people
- The attack was conducted by the Rhysida ransomware group
Port of Seattle, the US government agency overseeing the city’s seaport and airport, has begun sent out data breach notification letters to people affected by the August 2024 ransomware attack, revealing around 90,000 were affected.
“The Port of Seattle today announced that notification letters have been mailed to individuals whose data was impacted in the August 2024 cyberattack,” the company said on its website.
“This website notice is intended to provide the same information included in the notification letters to individuals for whom the Port has insufficient or out-of-date contact information.”
Rhysida blamed
In the letter, Port of Seattle said that it suffered a cyberattack on August 24, 2024. After analyzing the attack, it discovered that the attackers “accessed and downloaded some personal information from Port systems,” including legacy systems used for employee, contractor, and parking data.
“The Port holds very little information about airport or maritime passengers, and systems processing payments were not affected,” it further explained.
The data that was taken, belonging mostly to current and former Port and other employees and contractors, included full names, dates of birth, Social Security numbers (or last four digits), driver’s license or other government ID card numbers, and medical information.
The agency notified some 90,000 individuals of the incident, most of which (around 71,000) are from Washington state.
The letter also confirms the Rhysida ransomware group was behind the attack. Even though the criminals demanded payment in exchange for releasing the systems and deleting the stolen data, the Port decided not to pay.
“We have refused to pay the ransom demanded, and as a result, the actor may respond by posting data they claim to have stolen on their darkweb site,” the Port of Seattle said at the time.
Rhysida is one of the bigger ransomware operators, having assumed responsibility for the attacks on the British Library, the Chilean Army, Insomniac Games, and many others.
Via BleepingComputer
