AMPORTS

In 2022, AMPORTS, a major U.S.-based automotive port logistics company, fell victim to a BlackBasta ransomware attack, a group with suspected Russian ties. The cyberattack severely disrupted the company’s port operations, crippling critical services tied to vehicle processing, storage, and distribution. The incident exposed significant vulnerabilities in the automotive logistics sector, particularly in supply chain dependencies where digital systems govern port logistics, inventory management, and shipment coordination.The attack likely encrypted key operational systems, halting workflows and causing delays in vehicle deliveries to dealerships and manufacturers. While the exact financial or data breach scope remains undisclosed, the operational outage alone would have led to substantial financial losses—including contractual penalties, idle labor costs, and reputational damage among automotive partners. The disruption also risked cascading effects across the supply chain, as AMPORTS serves as a linchpin for multiple automakers relying on just-in-time inventory models.Given BlackBasta’s modus operandi, the attack may have involved data exfiltration before encryption, though public reports did not confirm whether customer, employee, or proprietary data (e.g., shipping manifests, contractual agreements) was leaked. The incident underscored the growing targeting of critical logistics infrastructure by ransomware groups, where operational downtime inflicts maximum pressure to pay ransoms.

Source: https://static1.squarespace.com/static/5fae4682cc2b52123f436f99/t/644a5cefc33989668ea68c92/1682595078532/NORMA+Cyber_Annual+Threat+Assessment_2023_TLPWHITE.pdf https://ransomwareattacks.halcyon.ai/attacks/blackbasta-attacks-amports

TPRM report: https://www.rankiteo.com/company/amports-inc.

"id": "amp630092125",
"linkid": "amports-inc.",
"type": "Ransomware",
"date": "6/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'automotive port logistics',
                        'location': 'United States',
                        'name': 'AMPORTS',
                        'type': 'private company'}],
 'data_breach': {'data_encryption': True},
 'description': 'AMPORTS, an automotive port logistics company in the U.S., '
                'was targeted by the BlackBasta ransomware group in 2022. The '
                'attack, suspected to originate from Russian threat actors, '
                'disrupted the company’s port services, exposing '
                'vulnerabilities in automotive logistics providers, '
                'particularly in vehicle processing and distribution.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'operational disruption',
            'downtime': True,
            'operational_impact': 'Disruption of port services and automotive '
                                  'logistics operations',
            'systems_affected': ['port logistics systems',
                                 'vehicle processing and distribution '
                                 'systems']},
 'motivation': ['financial gain', 'disruption'],
 'ransomware': {'data_encryption': True, 'ransomware_strain': 'BlackBasta'},
 'threat_actor': 'BlackBasta',
 'title': 'BlackBasta Ransomware Attack on AMPORTS (2022)',
 'type': ['ransomware', 'cyberattack']}

AMPORTS

Brokk: Brokk purportedly hacked by Play ransomware, data leaked

Staples Inc.: 3rd Ex-Staples Employee Sues Over Alleged Data Hack

City of Minot and Minot Water Treatment Plant: Minot Water Treatment Plant hit by ransomware; water remained safe