Port of Seattle

In August 2024, the Port of Seattle was targeted by Rhysida ransomware group, resulting in a data breach that affected 90,000 individuals. The breach led to the unauthorized access and encryption of the port's computer systems, disrupting crucial services including baggage handling, check-ins, Wi-Fi, and parking. Personal information, including names, dates of birth, Social Security numbers, identification card numbers, and some medical information was compromised. The port's response included refusing to pay the ransom and implementing heightened security measures. Impacted individuals were offered free credit monitoring services as part of the remediation process.

Source: https://securityaffairs.com/176205/data-breach/port-of-seattle-august-data-breach-impacted-90000-people.html

TPRM report: https://scoringcyber.rankiteo.com/company/port-of-seattle

"id": "por000040625",
"linkid": "port-of-seattle",
"type": "Ransomware",
"date": "4/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '90,000 individuals',
                        'industry': 'Transportation',
                        'location': 'Seattle',
                        'name': 'Port of Seattle',
                        'type': 'Organization'}],
 'data_breach': {'data_encryption': 'Yes',
                 'number_of_records_exposed': '90,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Names',
                                              'Dates of birth',
                                              'Social Security numbers',
                                              'Identification card numbers',
                                              'Medical information']},
 'date_detected': 'August 2024',
 'description': 'In August 2024, the Port of Seattle was targeted by Rhysida '
                'ransomware group, resulting in a data breach that affected '
                '90,000 individuals. The breach led to the unauthorized access '
                "and encryption of the port's computer systems, disrupting "
                'crucial services including baggage handling, check-ins, '
                'Wi-Fi, and parking. Personal information, including names, '
                'dates of birth, Social Security numbers, identification card '
                'numbers, and some medical information was compromised. The '
                "port's response included refusing to pay the ransom and "
                'implementing heightened security measures. Impacted '
                'individuals were offered free credit monitoring services as '
                'part of the remediation process.',
 'impact': {'data_compromised': ['Personal information',
                                 'Names',
                                 'Dates of birth',
                                 'Social Security numbers',
                                 'Identification card numbers',
                                 'Medical information'],
            'operational_impact': 'Disruption of crucial services',
            'systems_affected': ['Baggage handling',
                                 'Check-ins',
                                 'Wi-Fi',
                                 'Parking']},
 'motivation': 'Financial Gain',
 'ransomware': {'data_encryption': 'Yes',
                'ransom_paid': 'No',
                'ransomware_strain': 'Rhysida'},
 'response': {'containment_measures': 'Heightened security measures',
              'remediation_measures': 'Free credit monitoring services'},
 'threat_actor': 'Rhysida ransomware group',
 'title': 'Rhysida Ransomware Attack on Port of Seattle',
 'type': 'Ransomware'}