3TB stolen from Port of Seattle

September 2024 by Dr Darren Williams, CEO of Blackfog

Rhysida ransomware gang has claimed to have stolen over 3TB worth of data, exposing sample documents alongside to “prove” the theft. Included in the data, allegedly stolen from the Port of Seattle, are full names, social security numbers, home addresses, phone numbers, appearance stats such as height, weight and eye colour, signatures and passport scans. Rhysida also claims it has the internal login credentials of the seaport agency’s employees as well as a smorgasbord of other personal data on staff and civilians.

“Attacks by the Rhysida ransomware group continue to hit hard and organisations should remain on high alert. Our most recent ransomware trend report shows that Rhysida attacks increased 7.6% last month, while data exfiltration rose to 93%, demonstrating that cybercriminals are increasingly focused on data theft for financial gain, and they are rapidly adapting their tactics. With data in the hands of criminals, the question of ‘to pay or not to pay’ is a critical one for businesses and security decision makers globally.

The costs associated with business disruption combined with the risks of highly sensitive data breach weigh heavily when deciding whether or not to pay the ransom.

Fortunately for the Port of Seattle, their team was able to get the majority of their systems back online within a week, allowing operations to continue, but with 3TB of data potentially in the hands of bad actors, the organisation and individuals impacted may face severe long-term repercussions.”