NYK Confirms Data Breach in Marine Fuel Procurement System
Japanese shipping giant NYK disclosed a data breach affecting its marine fuel procurement system after detecting unauthorized access on March 24. The company confirmed that a third party accessed and exfiltrated data, including personal information, before the system was taken offline for investigation.
NYK restored the system on March 27 following initial security checks and response measures. The compromised data may include names, company names, phone numbers, and email addresses of current and former employees, as well as business partners.
The company reported the incident to Japan’s data protection authority and law enforcement, noting no evidence of ransomware or financial demands. No secondary damage has been confirmed at this time.
Source: https://shipandbunker.com/news/apac/757956-nyk-reports-data-breach-in-bunker-fuel-procurement-system
NYK Line cybersecurity rating report: https://www.rankiteo.com/company/nyk-line
"id": "NYK1775824533",
"linkid": "nyk-line",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Current and former employees, '
'business partners',
'industry': 'Shipping/Maritime',
'location': 'Japan',
'name': 'NYK',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Moderate (names, company names, phone '
'numbers, email addresses)',
'type_of_data_compromised': 'Personal information'},
'date_detected': '2024-03-24',
'date_resolved': '2024-03-27',
'description': 'Japanese shipping giant NYK disclosed a data breach affecting '
'its marine fuel procurement system after detecting '
'unauthorized access on March 24. The company confirmed that a '
'third party accessed and exfiltrated data, including personal '
'information, before the system was taken offline for '
'investigation. NYK restored the system on March 27 following '
'initial security checks and response measures. The '
'compromised data may include names, company names, phone '
'numbers, and email addresses of current and former employees, '
'as well as business partners.',
'impact': {'data_compromised': 'Personal information (names, company names, '
'phone numbers, email addresses)',
'identity_theft_risk': 'Potential',
'systems_affected': 'Marine fuel procurement system'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes', 'ransom_demanded': 'No'},
'regulatory_compliance': {'regulatory_notifications': 'Reported to Japan’s '
'data protection '
'authority'},
'response': {'containment_measures': 'System taken offline',
'law_enforcement_notified': 'Yes',
'recovery_measures': 'System restored',
'remediation_measures': 'Initial security checks'},
'title': 'NYK Data Breach in Marine Fuel Procurement System',
'type': 'Data Breach'}