The Port of Seattle has officially confirmed a massive data breach that occurred as a result of the Rhysida ransomware attack in August 2024. The personal data of approximately 90,000 employees and contractors was affected, of which more than 70,000 live in Washington state.
As a result of the cyberattack, which caused serious disruptions in the port and SEA airport infrastructure, the attackers were able to access sensitive information – names, dates of birth, ID numbers and, in part, Social Security numbers. Some medical data was also exposed.
Despite the port’s statement of refusal to pay the ransom, the Rhysida cyber group responsible for the attack was able to publish the stolen data on the darknet. Payment systems and services of airlines, cruise operators and federal agencies remained untouched.
Letters of notification of the breach have already begun to reach victims. It is specified that the security of passenger transportation was not affected by the incident.
The Port of Seattle is a government agency that controls the operation of the city’s seaport and international airport. In August 2024, it was attacked by ransomware, which temporarily disrupted the operation of check-in kiosks, the flySEA mobile application, Wi-Fi, parking systems and passenger displays. After the attack, a number of systems were disconnected from the Internet to prevent further intrusion. The investigation, which is still ongoing, is complicated by the volume of stolen data.
The Port of Seattle continues to analyze the breach and inform victims. This incident was a reminder that even large government structures remain vulnerable to ransomware attacks, and the need for enhanced protection of personal data remains paramount.
161 
148 
159 