Overview of the Incident
The Port of Seattle, which is in charge of managing major transportation hubs in the region, has reported a significant ransomware attack in August 2024 that led to the theft of personal data related to approximately 90,000 individuals. This breach deeply impacted operations, causing disruptions across various services such as reservation check-ins and delaying flights.
Details of the Cyberattack
The breach was first disclosed by the agency on August 24, 2024, revealing that the Rhysida ransomware group was responsible. Despite threats to leak the stolen data, the Port stood firm against paying the ransom. An ongoing investigation into the exact nature of the stolen data is underway, though the attackers accessed critical personal and employee information.
Information Stolen
- Full names, dates of birth, and Social Security numbers
- Driver’s license or other government identification numbers
- Limited medical information
Impact and Response
As of April 3, 2025, the Port has begun dispatching notification letters to those affected, with a significant number of these individuals residing in Washington state. It is important to note that the payment processing systems were not compromised, ensuring that payment data remained secure.
Operational and Safety Measures
The Port reassured the public that, despite the cyber intrusion, the functionality required to safely travel and operate was not compromised. Collaboration with major airline and cruise partners helped maintain operational integrity during and after the breach.
Previous Incidents Involving Rhysida Ransomware
Rhysida, emerging in May 2023, quickly gained infamy by targeting prestigious institutions and businesses across the globe. Notable breaches include the British Library, the Chilean Army, and the City of Columbus, Ohio.
Related: 7 Alarming Details of the PoisonSeed Phishing Scheme That Targets Crypto Wallets
Last Updated: April 4, 2025
