Port of Seattle shares details of ransomware attack

The Port of Seattle released a statement Friday confirming it had been targeted by a ransomware attack.

The attack occurred on August 24, with the port (which also operates Seattle-Tacoma International Airport) saying it had “experienced some system failures, indicating a possible cyberattack.”

Port is now describing it as a “‘ransomware’ attack carried out by a criminal organization called Risida.” (The group was also responsible for last year’s cyberattack on the British Library.) After Port refuses to pay the ransom, Risida “may respond by posting the stolen data on its darkweb site.”

“Our investigation into what data the actor stole is ongoing, but it appears the actor obtained some of the port’s data in mid-to-late August,” the port said, adding that if it learns any information on employees or passengers was stolen, it will notify them.

TechCrunch’s Devin Koldeway visited the airport a few days after the attack, where he saw firsthand that many of the airport’s systems were still down.